DNS Monitor

DNS (Domain Name System) is a critical component of the internet infrastructure that translates human-readable domain names (such as www.example.com) into IP addresses (such as 192.0.2.10). It acts as a phonebook for the internet, allowing users to access websites and online services using easy-to-remember domain names instead of complicated IP addresses.

DNS monitoring is a security feature that keeps track of DNS traffic and analyzes it for suspicious activities or anomalies. By continuously monitoring DNS requests and responses, a DNS monitor can detect and alert users about potential security risks. Implementing a DNS monitor in your cybersecurity application can provide an additional layer of defense against DNS-based threats. It complements other security measures like firewalls, antivirus software, and intrusion detection systems to create a comprehensive security framework.

When the VPN tunnel is disconnected, the DNS monitor module monitors and logs all DNS requests made by the system to help identify potential DNS leaks or unusual domain queries. It's important to note that the DNS monitor is automatically disabled when the VPN tunnel is connecting or connected.
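One way to review logged query names for the unusual domain queries mentioned above, as an added example that is not part of the SDK or its documentation. It assumes the logged requests are available as a plain list of domain names (the page does not specify a log format); the function names, thresholds and sample names are all constructed for illustration.

```python
import math
from collections import Counter

# Thresholds are assumptions for this example; tune them against your own baseline.
MAX_NAME_LEN = 100          # unusually long names can carry data inside queries
MAX_LABEL_LEN = 40          # DNS allows 63, ordinary hostnames are far shorter
MIN_ENTROPY_LABEL_LEN = 12  # short labels give unreliable entropy estimates
ENTROPY_BITS = 3.5          # bits per character; random-looking labels score high

def shannon_entropy(text):
    """Shannon entropy of a string in bits per character."""
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in Counter(text).values())

def review_query(name, allowlist=()):
    """Return the reasons a queried name looks unusual (empty list: nothing flagged)."""
    name = name.rstrip(".").lower()
    if any(name == d or name.endswith("." + d) for d in allowlist):
        return []
    labels = name.split(".")[:-1]  # ignore the top-level domain
    reasons = []
    if len(name) > MAX_NAME_LEN:
        reasons.append("long-name")
    if any(len(l) > MAX_LABEL_LEN for l in labels):
        reasons.append("long-label")
    if any(len(l) >= MIN_ENTROPY_LABEL_LEN and shannon_entropy(l) > ENTROPY_BITS
           for l in labels):
        reasons.append("high-entropy-label")
    return reasons

def triage(queries, allowlist=()):
    """Map each flagged query name to its reasons, preserving log order."""
    flagged = {}
    for q in queries:
        reasons = review_query(q, allowlist)
        if reasons:
            flagged[q] = reasons
    return flagged

# Constructed sample of logged query names (not real monitor output).
SAMPLE_QUERIES = [
    "www.example.com",
    "x7f3k9q2vb8n1m4z6t0p.example.net",
    "a" * 45 + ".example.org",
    "k2j8s0d9f7g6h5l4q3w1.cdn.example.com.",
]
ALLOWLIST = ("cdn.example.com",)

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_QUERIES, ALLOWLIST).items():
        print(f"{name}: {', '.join(reasons)}")
```

Flagged names are leads for review, not verdicts: content-delivery and telemetry hostnames often look random, which is why the allowlist is checked first.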

Enable DNS monitor

DNS monitor can only be enabled when the VPN is not connected and the Killswitch feature is turned off. To enable DNS monitor programmatically, you can use the following code:

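// Create the SDK client.
var sdk = new SDK();

// Build a firewall request that turns the DNS monitor on.
// The VPN must be disconnected and Killswitch turned off.
var request = new FirewallRequest
{
    EnableDnsMonitor = new EnableDnsMonitorRequest()
};

// Apply the request (call this from an async method).
var result = await sdk.ConfigureFirewallAsync(request).ConfigureAwait(false);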

For example, let's say you are developing a cybersecurity application and want to give users the option to monitor their DNS traffic for suspicious activity. By using the code snippet above, you can easily enable the DNS monitor feature whenever the user chooses to turn it on, as long as the VPN is disconnected and Killswitch is disabled.

Disable DNS monitor

In some cases, you may want to disable the DNS monitor feature. To disable DNS monitor programmatically, use the following code:

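// Create the SDK client.
var sdk = new SDK();

// Build a firewall request that turns the DNS monitor off.
var request = new FirewallRequest
{
    DisableDnsMonitor = new DisableDnsMonitorRequest()
};

// Apply the request (call this from an async method).
var result = await sdk.ConfigureFirewallAsync(request).ConfigureAwait(false);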

While you typically don't need to manually disable the DNS monitor when connecting to a VPN (as it's done automatically), you might still need to use this code in other scenarios, such as when you want to turn off DNS monitoring while the VPN is disconnected.
