Embodiments of the invention relate to the field of network services; and more specifically to origin server protection notification.
Traffic for an origin server may be proxied through a service such that one or more proxies receive and/or process traffic instead of that traffic being directly received at the origin server. Such a service may provide security services (e.g., detecting and/or mitigating denial of service attacks, proactively stopping botnets, cleaning viruses, trojans, and/or worms, etc.) and/or other performance services (e.g., acting as a node in a content delivery network (CDN) and dynamically caching customer's files closer to visitors, TCP stack optimizations, etc.). Registering for such a service may include a modification of the network configuration, such as Domain Name System (DNS) settings, so that the traffic is proxied through one or more proxy servers instead of being directly received by the origin server.
Information about a proxied origin server (e.g., the IP address of the origin server) can be inadvertently exposed through their service configuration. This may make the origin server vulnerable to malicious actors who use that information to mount cyber attacks against the operator of the proxied origin server.
The invention may best be understood by referring to the following description and accompanying drawings that are used to illustrate embodiments of the invention. In the drawings:
In the following description, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known circuits, structures and techniques have not been shown in detail in order not to obscure the understanding of this description. Those of ordinary skill in the art, with the included descriptions, will be able to implement appropriate functionality without undue experimentation.
References in the specification to “one embodiment,” “an embodiment,” “an example embodiment,” etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described.
In the following description and claims, the terms “coupled” and “connected,” along with their derivatives, may be used. It should be understood that these terms are not intended as synonyms for each other. “Coupled” is used to indicate that two or more elements, which may or may not be in direct physical or electrical contact with each other, co-operate or interact with each other. “Connected” is used to indicate the establishment of communication between two or more elements that are coupled with each other.
A method and apparatus for notifying an origin server of potential leaking information is described herein according to an embodiment. An origin server has been registered, or is in the process of being registered, for a proxied service that includes changing Domain Name System (DNS) configurations such that certain network traffic is proxied at a proxy server instead of that traffic being received directly at the origin server. The service checks the configuration and determines if there is any flaw in the configuration that may cause information about the origin server (e.g., the IP address of the origin server) to be leaked. Upon finding a flaw in the configuration, the service may notify the origin server and/or the operator of the origin server that the information may be leaked.
In an embodiments, a customer may register for the service including modifying their network configuration (e.g., DNS settings) so that the traffic is proxied through one or more proxy servers instead of being directly received by the origin server. For instance, the authoritative name server may be changed to an authoritative name server of the service, and also the IP address(es) that resolve to their origin server(s) (which hosts content of their domain) may be changed to point to a proxy server of the service. As another example, a customer may change individual DNS records to point to a proxy server (or point to other domain(s) that point to a proxy server of the service). For example, a customer may change their DNS records to point to a CNAME that corresponds with a proxy server of the service.
The domain owner 135 is a customer of the service and registers at least a part of their website for the service, which will be described in greater detail later herein. Registering for service may include causing the authoritative name server for the domain of the customer to be changed to the authoritative name server 142 of the service at operation 180. It should be understood that the backup authoritative name servers serving the domain may also be changed to an authoritative name server of the service. The zone file records for the domains may also be changed such that DNS resolution requests for the protected subdomains owned by the domain owner 135, which are handled by the origin sever 130, resolve to the proxy server 120, at operation 182. In an embodiment, the customer (e.g., domain owner 135) or other entity (e.g., web administrators) on behalf of the domain owner 135) may use the service server 125 to change their authoritative name server to the authoritative name server 142 and change their zone file to have their domain point to the service proxy server (hereinafter “proxy server”) 120.
The service server 125, operated by the service, provides a set of tools and interfaces for the domain owner 135 and is accessible over the Internet. For example, the service server 125, among other things, allows the domain owner 135 to register for the service, view statistics/logs of events, and report suspicious events. The service server 125 may include tools to assist the domain owners 135 in changing their network configuration such that certain traffic is proxied through the proxy server 120. In an embodiment, the service server 125 checks the configuration and determines if there is any flaw in the configuration that may cause information about the origin server (e.g., the IP address of the origin server) to be leaked. Upon finding a flaw in the configuration, the service server 125 may notify the origin server 130 and/or the domain owner 135 of the origin server 130 that the information may be leaked.
The DNS system 140 is used to refer to the DNS system as a whole and includes multiple DNS servers to resolve DNS requests. As illustrated, the DNS system 140 includes the authoritative name server 142, which is an authoritative name server for the service. When the DNS system 140 resolves a request for a subdomain protected by the service (proxied through the proxy server 120), the corresponding DNS response includes an IP address of the proxy server 120 instead of the origin server 130. It should also be understood that when the DNS system 140 resolves a request for a subdomain not protected by the service (not proxied through the proxy server 120), the corresponding DNS response includes an IP address of the origin server 130.
The client devices 110A-I are computing devices (e.g., laptops, workstations, smartphones, palm tops, mobile phones, tablets, gaming systems, set-top boxes, wearable devices, etc.) that are capable of accessing network resources (e.g., they include software such as web browsers that are capable of accessing network resources). Users at the client devices 110A-I request network resources (e.g., HTML pages, images, word processing documents, PDF files, movie files, music files, or other computer files) through a client network application such as a web browser or other application (e.g., FTP client, SSH client, Telnet client, etc.).
The origin server 130 is a computing device that may serve and/or generate network resources (e.g., web pages, images, word processing documents, PDF files movie files, music files, or other computer files). An origin server 130 may also be another proxy server to the server that serves and/or generates network resources. Although not illustrated in
The proxy server 120 is a computing device that is situated between the client devices 110A-I and the origin server 130 and provides many of the features of the service. Certain network traffic passes through the proxy server 120 (traffic sent from the client devices 110A-I and/or traffic sent from the origin servers 130 that is protected by the service). Based on at least in part on this traffic, the proxy server 120 provides a set of one or more services for the benefit of the customers and/or users of the client devices 110A-I.
While
Although not illustrated in
The owner of the proxy server 120 is typically different than the owner of the origin server 130. In addition, the proxy server 120 is not typically part of the local network of the origin web server 130. For example, the proxy server 120 may be outside of the local area network of the origin web server 130 and is typically not physically accessible by owners/administrators of the origin server 130.
The client devices 110A-I request DNS resolution when a domain name is used or requested by a local application and is not known (e.g., is not in a local DNS cache or the DNS record in its local cache has expired). For example, a client device makes a DNS request 150 to the DNS system 140 for an IP address for a domain. The DNS system 140 performs a recursive or iterative DNS process until the authoritative name server 142 returns an IP address. For those domains that are protected by the service, the IP address returned in the DNS response will be an IP address of the proxy server 120. For those domains not protected by the service, the IP address returned in the DNS response may be an IP address of the origin server 130.
Sometime after the DNS resolution is complete, the client device makes a request 154 (e.g., an HTTP GET request, an HTTP POST request, other HTTP request method, or other request for an action to be performed on an identified resource belonging to an origin server), which is transmitted to the proxy server 120. The proxy server 120 may analyze the request at operation 164 and determine a set of one or more request related actions to perform based on the results of the analyzing. Examples of request related actions that may be performed by the proxy server 120 include the proxy server 120 responding to the request locally by transmitting a response 162 (e.g., an HTTP response) to the client device 110, blocking the request 154 in addition to or in place of the response 162, reducing the speed at which content can be delivered to the client device 110, and transmitting the request to the origin server 130 on behalf of the client device 110 at operation 156.
The request 156 transmitted by the proxy server 120 to the origin server 130 on behalf of the client device 110 may be substantially similar to the original request 154 or it may be modified by the proxy server 120. For example, in some embodiments, the proxy server 120 removes content from the request if it determines that the content is a security threat to the origin server 130 while leaving the content that is not a security threat to be transmitted (e.g., if the request is an HTTP POST and the contents attempted to be posted contain a possible threat to the origin server). In other embodiments, the proxy server 120 modifies the content of the request to make the request less likely to harm to the origin server 130.
The origin server 130 respond to the request 156 as if the request was being transmitted from a client device directly. The response 158 (e.g., an HTTP response) may include the requested content, an error code indicating that the content cannot be found (e.g., an HTTP response status code 404 error), an error code indicating a problem with the origin server (e.g., an HTTP response status code 5XX error) or other response code.
After receiving the response 158, the proxy server 120 analyzes the response (at the analyzing response operation 166) and determines a set of one or more response related actions to perform based on the results of the analyzing response operation 166. The analyzing response operation 166 includes the proxy server 120 performing one or more of the following: determining the status of the response (e.g., whether it indicates an error code); determining whether the header of the response is malformed; determining whether the response poses an Internet security threat (e.g., whether the requested resource includes a virus, worm, or other vulnerability); determining whether the requested resource includes one or more elements that are to be excluded from being delivered to the visitor; determining whether to modify element(s) of the requested resource; determining whether to obfuscate elements of the requested resource (e.g., obfuscating an email address such that it will be displayed on the rendered page but obfuscated from the page source); determining whether to add content to the requested resource; and determining whether to cache the contents of the requested resource. Based on the results of the analyzing response operation 166, the proxy server 120 performs one or more appropriate response related actions, which may include generating the response 162 that may include the requested network resource that is transmitted to the requesting client device.
At block 210, the service server 125 receives the name of the domain (e.g., example.com) from the domain owner 135. For example, with reference to
At block 215, the service server 125 queries the global DNS system to determine the authoritative name servers and domain name registrar for the domain (e.g., example.com). Flow then moves to block 220, where the service server 125 determines whether the current information in the DNS zone file for the domain is capable of being retrieved by the service server 125 in order to avoid the domain owner 135 from inputting the information. For example, some DNS providers may provide an API (Application Programming Interface) that can be used by the service server 125 to query for the information in the DNS zone file for the domain. The list of DNS providers that provide such an API and information of how to use the API is stored by the service server 125. As another example, the service server 125 may simulate a human user logging into the DNS provider's website to determine the information in the DNS zone file. In such a case, the service server 125 accesses a map of the DNS provider's website that has been pre-recorded by an operator of the service and stored by the service server 125. The map includes the web page on which the user login information is entered, the particular fields into which the login information is entered, the page or pages on which the zone information is displayed, the structure of those pages, and any links or URLs to request additional pieces of the zone file from the DNS provider. If the DNS zone file is capable of being retrieved, then flow moves to block 225, otherwise flow moves to block 235.
At block 225, the service server 125 receives login information (e.g., username and password) to the DNS provider's website from the domain owner 135. For example, with reference to
At block 230, the service server 125 logs into the DNS provider website using the login information and retrieves the information from the DNS zone file record for the domain. For example, if the DNS provider provides an API for querying the information in the DNS zone file for the domain, the service server 125 uses that API to query for the zone file information. If there is not such an API, the registrations server 125 queries the DNS provider via a service server-controlled agent (e.g., using HTTP or HTTPS protocols). For example, the service server 125 may request the login page, enter any required login information, submit the login page, request one or more pages where the zone file is displayed, store the response from those pages, scan the pages based on the predefined map to retrieve the zone information, and logout of the DNS provider. Flow moves from block 230 to block 240.
Referring back to block 235 (the information in the zone file is not capable of being retrieved by the service server 125), the service server 125 prompts the domain owner 135 to enter the information for the DNS zone file record for the domain. For example,
Referring back to
At block 250, the service server 125 modifies the DNS zone record(s) designated by the domain owner 135 and the DNS authoritative name servers for the domain to that of the service. For example, the address pointing to the resource record type A (or AAAA) of the domain (e.g., example.com) is changed to an IP address of a proxy server such as the proxy server 120, and the authoritative name servers are changed to authoritative name servers of the service (e.g., including the authoritative name server 142). The proxy server 120 may be one of multiple proxy servers in the service. The service server 125 may choose one of the proxy servers in a number of ways (e.g., based on current and/or expected load, based on location, round robin, etc.). Flow moves from block 250 to block 255.
At block 255, the service server 125 determines whether it supports an automatic setup procedure to change the authoritative name servers at the domain name registrar for the domain. For example, some domain name registrars may provide an API that can be used by the service server to change the authoritative name servers for the domain. The list of domain name registrars that provide such an API and information of how to use the API is stored by the service server 125. As another example, the service server 125 may simulate a human user logging into the domain name registrar's website to change the authoritative name servers for the domain. In such a case, the service server 125 accesses a map of the domain name registrar's website that has been pre-recorded by an operator of the service and stored by the service server 125. The map includes the login page, any fields where the login information is entered, the path to the page on which the authoritative name servers are changed, the fields that must be updated for those authoritative name servers to be changed, and any interface provided to delete name servers. If the service server supports automatic changing of the authoritative name servers at the domain name registrar for the domain, the flow moves to block 260; otherwise flow moves to block 265.
At block 260, the service server 125 receives login information (e.g., username and password) to the domain name registrar's website from the domain owner 135. For example, with reference to
At block 230, the service server 125 logs into the registrar's website and updates the authoritative name servers to that of the service. Flow then moves to block 275 where the service server 125 initiates a test to check to determine whether the authoritative name servers have been successfully changed. For example, the service server queries the global DNS system (e.g., with a dig operation, who is operation, etc.) for the domain to confirm that the authoritative name servers have been successfully changed. It should be understood that it may take some amount of time for the change of the authoritative name server to propagate throughout the global DNS system.
In another embodiment, the customer uploads a file representing the DNS zone file (e.g., a DNS bind file, a spreadsheet, or other format that designates the subdomains, record types, TTLs, and the records they resolve to). In another embodiment, the initial zone data is gathered from data retrieved from a recursive DNS provider. For example, for a particular domain, the recursive DNS provider may provide information indicating all of the subdomains that they have made a query for the domain.
In another embodiment, the initial zone data for a domain is gathered by making DNS queries for a number of common subdomains to see what resolves.
At operation 610, the service server 125 receives the name of the domain (e.g., example.com) from the domain owner 135. For example, with reference to
At block 615, the service server 125 queries, or causes a query to be issued to the DNS system 140 for each of a number of common subdomains (e.g., www.example.com, blog.example.com, web.example.com, mail.example.com, ftp.example.com, etc.). For example, in one embodiment, the service server 125 stores a list of subdomains that are ranked into the likelihood that they will appear in a zone for a domain. The subdomains may be tested sequentially or in parallel.
In one embodiment, the number of DNS queries per second can be limited to not exceed a certain number of queries per second in order to not trigger anti-abuse systems with the DNS provider. The query period can either run through the entire list of subdomains testing all of them and finish when completing, or it can run through only a partial list and finish when a certain amount of time has passed (e.g., query as many possible in 1 minute). As new zones are added, the service server 125 can continue to adjust the order of the tested subdomains (e.g., determine what percentage of zones contain a certain subdomain then order them based on those percentages). In this way, the list of common subdomains becomes more accurate and efficient. Third party information, such as information from Recursive DNS Providers, can also be used in order to create the ranking list.
Flow moves from operation 615 to operation 620. At operation 620, for each of the subdomains tested that resolves, the service server 125 saves information about the record into a zone file for the domain (e.g., the record type, the TTL value, and the record).
Flow then moves to operation 625 and the service server 125 confirms the zone file information with the customer. For example,
Flow moves from operation 625 to operation 630 where the service server 125 receives designation of which records are to be protected by the service. For example,
Flow moves from operation 630 to operation 635 where the service server 125 provides name server identification for name servers of the service. For example,
In an alternative embodiment, in order to verify the authority of the customer to change the DNS records for the domain, the service server 125 queries the customer to add a unique record to their existing DNS file. This record could be of any valid DNS record type. In one example, a customer could add a TXT record with a unique string of characters. The system could check for the presence of this TXT record and, if the string of characters matched, designate the customer who was issued that string of characters in association with that domain as authoritative for the domain. Once that happened, the customer's settings could be propagated any future changes to those settings trusted.
Flow moves from operation 635 to operation 640 where the service server 125 determines whether the name servers provided in operation 635 have been modified to be authoritative for the domain. In one embodiment, the service server 125 periodically checks whether the name servers provided in operation 635 are authoritative for the domain. In other embodiments, the customer indicates when the name servers assigned by the service are authoritative for the domain. For example, the service server 125 may provide an interface for the customer to indicate that the assigned name servers are authoritative for the domain (e.g., through a button, etc.). In other embodiments the customer may call a telephone number, send a text message, or send an email to indicate that the assigned name servers are authoritative for the domain. Regardless of the way, after receiving an indication from the customer that the assigned name servers have been changed to be authoritative for the domain, the service server 125 (or other server of the service) checks whether the assigned name servers are indeed authoritative for the domain. If the assigned name servers have been changed to be authoritative for the domain, then flow moves to operation (determined at operation 645), then flow moves to operation 650, otherwise flow moves to operation 655 and the operation exits (the customer did not prove that they had authority to change the DNS records).
At operation 650, the service server 125 modifies (or causes to be modified) those DNS zone record(s) that are designated to be protected by the service. For example, the address pointing to the resource record type A (or AAAA) of the domain (e.g., example.com) is changed to an IP address of a proxy server such as the proxy server 120. In one embodiment, the zone file records 144 (including the updated zone file records) are stored by the name server 142. The proxy server 120 may be one of multiple proxy servers in the service. The service server 125 may choose one of the proxy servers in a number of ways (e.g., based on current and/or expected load, based on location, round robin, etc.).
After network configuration has been modified for a particular domain, the service server 125 checks the configuration and determines if there is any flaw in the configuration that may cause information about the origin server (e.g., the IP address of the origin server) to be leaked. Upon finding a flaw in the configuration, the service may notify the origin server and/or the operator of the origin server that the information may be leaked.
For example, in an embodiment, the service server 125 compares the DNS configurations of unprotected assets (e.g., domains that will not point to a proxy server of the service) and protected assets (e.g., domains that point to a proxy server of the service). A record that is not protected by the service and is also referring to a record that is protected by the service is considered to be leaking the origin IP address. For instance,
Next, at operation 1315, the service server 125 determines whether the configuration of the DNS records are leaking the IP address of the origin server of the site. For instance, the service server 125 may determine whether any record that is not protected by the service (does not point to an IP address of a proxy server of the service) refers to a record that is protected by the service. Any such record is deemed to be leaking the IP address of the origin server such that the IP address of the origin server may be found by a third party. If there is such a record, then flow moves to operation 1320; otherwise flow moves to operation 1325 where operations end.
At operation 1320 the service server 125 notifies the operator of each record that has been determined to be leaking the IP address of its origin server. The notification can take any number of forms. In an embodiment, and as illustrated in
In an embodiment, the notification also instructs the operator on ways to resolve the issue. For instance, the notification may instruct the operator to remove the record if that record is not being used. As another example, if the record is an MX record that is running on the same server as the website, the notification may instruct the operator to use an email service on a separate server than the website.
The techniques shown in the figures can be implemented using code and data stored and executed on one or more electronic devices (e.g., a requesting device, a proxy server, an origin server, a service server). Such electronic devices store and communicate (internally and/or with other electronic devices over a network) code and data using computer-readable media, such as non-transitory computer-readable storage media (e.g., magnetic disks; optical disks; random access memory; read only memory; flash memory devices; phase-change memory) and transitory computer-readable communication media (e.g., electrical, optical, acoustical or other form of propagated signals—such as carrier waves, infrared signals, digital signals). In addition, such electronic devices typically include a set of one or more processors coupled to one or more other components, such as one or more storage devices (non-transitory machine-readable storage media), user input/output devices (e.g., a keyboard, a touchscreen, and/or a display), and network connections. The coupling of the set of processors and other components is typically through one or more busses and bridges (also termed as bus controllers). Thus, the storage device of a given electronic device typically stores code and/or data for execution on the set of one or more processors of that electronic device. Of course, one or more parts of an embodiment of the invention may be implemented using different combinations of software, firmware, and/or hardware.
While the flow diagrams in the figures show a particular order of operations performed by certain embodiments of the invention, it should be understood that such order is exemplary (e.g., alternative embodiments may perform the operations in a different order, combine certain operations, overlap certain operations, etc.).
While the invention has been described in terms of several embodiments, those skilled in the art will recognize that the invention is not limited to the embodiments described, can be practiced with modification and alteration within the spirit and scope of the appended claims. The description is thus to be regarded as illustrative instead of limiting.
This application is a continuation of U.S. application Ser. No. 15/369,711, filed Dec. 5, 2016, which claims the benefit of U.S. Provisional Application No. 62/263,608, filed Dec. 4, 2015, which are hereby incorporated by reference.
Number | Name | Date | Kind |
---|---|---|---|
6836806 | Raciborski et al. | Dec 2004 | B1 |
6904460 | Raciborski et al. | Jun 2005 | B1 |
6968389 | Menditto et al. | Nov 2005 | B1 |
6981029 | Menditto et al. | Dec 2005 | B1 |
6992983 | Chatterjee et al. | Jan 2006 | B1 |
7013343 | Shigezumi et al. | Mar 2006 | B2 |
7213062 | Raciborski et al. | May 2007 | B1 |
7370351 | Ramachandran et al. | May 2008 | B1 |
7487539 | Ramachandran et al. | Feb 2009 | B2 |
7493414 | Tazuma et al. | Feb 2009 | B2 |
7502836 | Menditto et al. | Mar 2009 | B1 |
7565413 | O'Toole, Jr. et al. | Jul 2009 | B1 |
7574499 | Swildens et al. | Aug 2009 | B1 |
7624169 | Lisiecki et al. | Nov 2009 | B2 |
7680742 | Ackerman et al. | Mar 2010 | B1 |
7680955 | Huang et al. | Mar 2010 | B2 |
7681229 | Ebrahimi et al. | Mar 2010 | B1 |
7792994 | Hernacki et al. | Sep 2010 | B1 |
7827280 | Cox et al. | Nov 2010 | B2 |
7849502 | Bloch et al. | Dec 2010 | B1 |
7849507 | Bloch et al. | Dec 2010 | B1 |
7925694 | Harris et al. | Apr 2011 | B2 |
7984163 | Almog et al. | Jul 2011 | B2 |
8078683 | Lalonde et al. | Dec 2011 | B2 |
8204976 | Swildens et al. | Jun 2012 | B2 |
8260963 | Huang et al. | Sep 2012 | B2 |
8266295 | Klein et al. | Sep 2012 | B2 |
8285808 | Joel et al. | Oct 2012 | B1 |
8332484 | Afergan et al. | Dec 2012 | B2 |
8370940 | Holloway et al. | Feb 2013 | B2 |
8447856 | Drako et al. | May 2013 | B2 |
8489637 | Patil et al. | Jul 2013 | B2 |
8499077 | Niemelae et al. | Jul 2013 | B2 |
8526467 | Li et al. | Sep 2013 | B2 |
8548998 | Plotnik et al. | Oct 2013 | B2 |
8549148 | Devarapalli et al. | Oct 2013 | B2 |
8572737 | Holloway et al. | Oct 2013 | B2 |
8612564 | Swildens et al. | Dec 2013 | B2 |
8613089 | Holloway et al. | Dec 2013 | B1 |
8621038 | Prince et al. | Dec 2013 | B2 |
8645700 | Smith et al. | Feb 2014 | B2 |
8645701 | Gould et al. | Feb 2014 | B2 |
8646064 | Holloway et al. | Feb 2014 | B1 |
8751633 | Holloway et al. | Jun 2014 | B2 |
8762506 | Courtney et al. | Jun 2014 | B2 |
8763071 | Sinha et al. | Jun 2014 | B2 |
8806011 | Graham-Cumming et al. | Aug 2014 | B1 |
8819209 | Chen et al. | Aug 2014 | B1 |
8825839 | Brandt et al. | Sep 2014 | B2 |
8843612 | Levow et al. | Sep 2014 | B2 |
8849904 | Prince et al. | Sep 2014 | B2 |
8850580 | Prince et al. | Sep 2014 | B2 |
8856924 | Holloway et al. | Oct 2014 | B2 |
8874790 | McPherson et al. | Oct 2014 | B2 |
8880686 | McPherson et al. | Nov 2014 | B2 |
8910245 | Kondamuru et al. | Dec 2014 | B2 |
8914406 | Haugsnes et al. | Dec 2014 | B1 |
8984166 | Graham-Cumming et al. | Mar 2015 | B2 |
8984635 | Graham-Cumming et al. | Mar 2015 | B1 |
9009330 | Holloway et al. | Apr 2015 | B2 |
9021085 | Jensen et al. | Apr 2015 | B1 |
9038183 | Haugsnes et al. | May 2015 | B1 |
9049227 | Surasathian et al. | Jun 2015 | B2 |
9049244 | Prince et al. | Jun 2015 | B2 |
9049247 | Holloway et al. | Jun 2015 | B2 |
9098477 | Joel et al. | Aug 2015 | B2 |
9106695 | Kaminsky et al. | Aug 2015 | B2 |
9112897 | Teo et al. | Aug 2015 | B2 |
9130917 | Smith et al. | Sep 2015 | B2 |
9137258 | Haugsnes et al. | Sep 2015 | B2 |
9167001 | Haugsnes et al. | Oct 2015 | B1 |
9183319 | Joel et al. | Nov 2015 | B2 |
9184919 | Ghosh et al. | Nov 2015 | B2 |
9202079 | Kaliski, Jr. et al. | Dec 2015 | B2 |
9225734 | Hastings et al. | Dec 2015 | B1 |
9300687 | Johns et al. | Mar 2016 | B2 |
9305182 | Berls et al. | Apr 2016 | B1 |
9319315 | Prince et al. | Apr 2016 | B2 |
9338182 | Devarapalli et al. | May 2016 | B2 |
9342620 | Joel et al. | May 2016 | B2 |
9342698 | McPherson et al. | May 2016 | B2 |
9350829 | Graham-Cumming et al. | May 2016 | B2 |
9363287 | Kondamuru et al. | Jun 2016 | B2 |
9363288 | Kaliski, Jr. et al. | Jun 2016 | B2 |
9369437 | Holloway et al. | Jun 2016 | B2 |
9401919 | Sullivan et al. | Jul 2016 | B2 |
9467421 | Xie et al. | Oct 2016 | B2 |
9467461 | Balderas et al. | Oct 2016 | B2 |
9509596 | Bergman et al. | Nov 2016 | B2 |
9544278 | Hozza et al. | Jan 2017 | B2 |
9548966 | Prince et al. | Jan 2017 | B2 |
9560074 | Stemm et al. | Jan 2017 | B2 |
9565166 | Holloway et al. | Feb 2017 | B2 |
9571286 | Graham-Cumming et al. | Feb 2017 | B2 |
9578087 | Kitchen et al. | Feb 2017 | B1 |
9584328 | Graham-Cumming et al. | Feb 2017 | B1 |
9628509 | Holloway et al. | Apr 2017 | B2 |
9628581 | Holloway et al. | Apr 2017 | B2 |
9634993 | Holloway et al. | Apr 2017 | B2 |
9634994 | Prince et al. | Apr 2017 | B2 |
9641549 | Holloway et al. | May 2017 | B2 |
9647979 | Gupta et al. | May 2017 | B2 |
9661020 | Holloway et al. | May 2017 | B2 |
9705851 | Kaliski, Jr. et al. | Jul 2017 | B2 |
9722970 | Prince et al. | Aug 2017 | B2 |
9729657 | Graham-Cumming et al. | Aug 2017 | B2 |
9749307 | Smith et al. | Aug 2017 | B2 |
9769273 | Gupta et al. | Sep 2017 | B2 |
9774562 | Blinn et al. | Sep 2017 | B2 |
9781091 | Shyamsunder et al. | Oct 2017 | B2 |
9819721 | Bendell et al. | Nov 2017 | B2 |
9887914 | Bergman et al. | Feb 2018 | B2 |
9906488 | Kagan et al. | Feb 2018 | B2 |
9935771 | Pandrangi et al. | Apr 2018 | B2 |
10020941 | Shulman et al. | Jul 2018 | B2 |
10021102 | Palchaudhuri et al. | Jul 2018 | B2 |
10068014 | Bergman et al. | Sep 2018 | B2 |
10102301 | Holloway et al. | Oct 2018 | B2 |
10178195 | Johnson | Jan 2019 | B2 |
20030061515 | Kindberg et al. | Mar 2003 | A1 |
20040255137 | Ying et al. | Dec 2004 | A1 |
20060167871 | Sorenson et al. | Jul 2006 | A1 |
20070214283 | Metke et al. | Sep 2007 | A1 |
20080209057 | Martini et al. | Aug 2008 | A1 |
20090055929 | Lee et al. | Feb 2009 | A1 |
20100318681 | Shi et al. | Dec 2010 | A1 |
20120084423 | McGleenon et al. | Apr 2012 | A1 |
20120254386 | Smith et al. | Oct 2012 | A1 |
20130024769 | Sumida et al. | Jan 2013 | A1 |
20140156702 | Shyamsunder et al. | Jun 2014 | A1 |
20150134956 | Stachura et al. | May 2015 | A1 |
20150186544 | Benedum et al. | Jul 2015 | A1 |
20160014087 | Holloway et al. | Jan 2016 | A1 |
20160036848 | Reddy et al. | Feb 2016 | A1 |
20160285961 | Kisel et al. | Sep 2016 | A1 |
20160308818 | Torres et al. | Oct 2016 | A1 |
20170063792 | Lee et al. | Mar 2017 | A1 |
20170134405 | Ahmadzadeh et al. | May 2017 | A1 |
20180046811 | Andriani et al. | Feb 2018 | A1 |
Entry |
---|
Lu Y., et al., “Towards Plugging Privacy Leaks in the Domain Name System,” IEEE Tenth International Conference on Peer-to-Peer Computing (P2P), Aug. 25-27, 2010, 10 pages. |
Notice of Allowance from U.S. Appl. No. 15/369,711, dated Nov. 26, 2018, 19 pages. |
Number | Date | Country | |
---|---|---|---|
20190166215 A1 | May 2019 | US |
Number | Date | Country | |
---|---|---|---|
62263608 | Dec 2015 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 15369711 | Dec 2016 | US |
Child | 16241863 | US |