Abstract
DNSfilter is an alternative to cloud-based DNS-based web filtering systems. Developed from scratch, it implements a recursive and caching DNS server with built-in domain filtering capability, and supports Internet Protocol version 4. It includes a web-based user interface where administrators can manage the server settings and monitor DNS requests coming from a host, subnet, or network. Although primarily designed for homes and schools, DNSfilter can also be used in the enterprise with little or no modification.
Following the Erlang/OTP design principles, DNSfilter was developed with fault-tolerant concurrency in mind. To test its functionality, it was deployed in a school local area network (LAN) and made available to the users within the campus, as well as to some home and enterprise users located nearby. It was observed that DNSfilter was able to filter unwanted websites at the DNS level based on some pre-determined test domains: users browsing these websites were intercepted and then redirected to the DNSfilter internal notification website. In addition, a benchmark was conducted, using the DNSbench and Namebench tools, to compare the performance of DNSfilter against LAN-based non-filtering resolver-only solutions, such as BIND and Unbound, and cloud-based DNS-based web filtering systems, like OpenDNS, DNSAdvantage, Dyn, Yandex.DNS, and Comodo DNSSecure. Results show that DNSfilter offered the same reliability as both types of systems and performed closely with them in servicing uncached and .com DNS requests. However, in the case of cached DNS requests, DNSfilter, when installed on the same network as its clients, performed closely with the LAN-based non-filtering resolver-only solutions but outperformed its cloud-based counterparts in terms of how fast they can answer requests whose responses are already in their caches.