Before discussing Domain Name System (DNS) based bypassing, we will briefly describe the fundamentals of DNS to make the filtering mechanism easier to grasp. Basically, DNS is a translation mechanism that converts domain names to IP addresses. Since memorizing names is much easier than memorizing IP addresses, which are long strings of numbers, DNS makes accessing internet resources easier. To visit a website, all we need to know is the domain name of that website, not its IP address. DNS handles the lookup: it resolves the domain name to an IP address, and the client then sends its request to the server at that address.
When it comes to filtering, DNS is another option for enforcing censorship. Since the initial step in reaching a service is to learn its IP address, a DNS server can be configured to block access to that service. If a specific domain name is black-listed, the DNS server blocks access to that website by not answering the DNS request. It is also possible to configure the DNS server to return a different IP address for a specific query, which results in the user ending up on a totally different website.
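The two filtering behaviours described above (no answer, or an answer carrying a different IP address) can be told apart by parsing the resolver's response and comparing it with one obtained from a reference resolver. The following is an added example, not code from the original page; the function names, the `example.org` name and the sample responses are constructed assumptions, and the sample addresses come from documentation ranges.

```python
import socket
import struct

def encode_name(name):
    # Wire format: length-prefixed labels, terminated by a zero byte.
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_message(name, qid, ips=(), rcode=0, response=False):
    """Build an A query, or a constructed sample response carrying `ips`."""
    flags = (0x8180 | rcode) if response else 0x0100
    msg = struct.pack(">HHHHHH", qid, flags, 1, len(ips), 0, 0)
    msg += encode_name(name) + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN
    for ip in ips:
        # 0xC00C is a compression pointer to the question name at offset 12.
        msg += struct.pack(">HHHIH", 0xC00C, 1, 1, 60, 4) + socket.inet_aton(ip)
    return msg

def skip_name(msg, off):
    # Walk plain labels until the zero terminator or a compression pointer.
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)  # pointer is two bytes, terminator one

def parse_a_records(msg):
    """Return (rcode, set of IPv4 addresses) from a DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    ips = set()
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.add(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0xF, ips

def classify(local_msg, reference_msg):
    if local_msg is None:  # the resolver never answered (timeout)
        return "no-answer"
    rcode, ips = parse_a_records(local_msg)
    if rcode != 0 or not ips:
        return "error-or-empty"
    return "consistent" if ips & parse_a_records(reference_msg)[1] else "different-address"

# Constructed samples using documentation address ranges, not real captures.
REF = build_message("example.org", 7, ["192.0.2.10"], response=True)
REDIRECTED = build_message("example.org", 7, ["198.51.100.5"], response=True)
```

A `different-address` result is a signal to investigate rather than proof of tampering, because content delivery networks legitimately return different addresses to different resolvers.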
Bypassing DNS filters is not complicated. If the resource itself or the target website is not blocked, merely changing the DNS server to a different, untampered one is enough. Alternatively, if the IP address of the web server is known, it may also be possible to access it directly via its IP address. However, many websites operate on virtual hosting servers with shared IP addresses, where direct IP access rarely works. As an example of such censorship attempts, in March 2014 this type of DNS filtering was enforced against the Twitter website by the Turkish government, which claimed that Twitter had failed to comply with court orders in Turkey. According to news agencies and cybersecurity researchers, many citizens reconfigured their DNS settings to use Google’s Open DNS service, thus bypassing the censorship.