Yandex launches public DNS service with malicious URL filtering

Russian Web search firm Yandex launched a public DNS (Domain Name System) resolution service on Thursday that leverages the company's existing website scanning technology to block access to malicious and adult-rated sites.

The DNS acts like a phone book for Internet domain names. Before accessing any website, a computer must first find out its corresponding numerical Internet Protocol (IP) address. This is done by querying servers that act as DNS resolvers.

By default, most computers use the DNS resolvers of their ISP, but they can be easily configured to used third-party DNS servers. Companies that provide public DNS resolution services include Google and OpenDNS, which offers additional options like malicious URL filtering and parental controls.

Yandex's new service is accessible via three separate IP addresses, each of them determining a different level of filtering.

Yandex.DNS Standard (77.88.8.8) provides completely unfiltered access, Yandex.DNS Secure (77.88.8.88) blocks access to harmful websites, while Yandex.DNS Family (77.88.8.7) blocks adult content websites in addition to infected and phishing websites.

Interested users can manually configure their computers, wireless access points, routers or mobile devices to use the service by following instructions on Yandex's site -- currently only available in Russian. However, the company is also working with home router manufacturers to create customized firmware that have a built-in option to use Yandex.DNS.

Such firmware has already been released for several router models from ZyXEL's Keenetic series and work is being done to release it for D-Link's DIR-615 and DIR-620 models, which are popular in Russia.

Yandex.DNS is primarily directed at Web users in Russian-speaking countries like Russia, Ukraine, Kazakhstan and Belarus where the company's Web search and other services have a large market share.

The DNS service can technically be used from anywhere in the world, but at the moment, using it from other countries might slow down Internet connections because the DNS servers are based in Russia, Yandex spokesman Vladimir Isaev said Thursday via email. For the long term, there are plans to also deploy DNS servers in the company's data center in Amsterdam, which would decrease latency for users in Europe, he said.

As far as detecting and blocking access to malicious websites goes, Yandex.DNS uses the behavior-based anti-malware technology also used by the company's Web search engine to flag potentially harmful links in search results.

"We have great knowledge of dangerous/adult websites in Russian, Turkish and English," Isaev said. However, the company is not sure of how well its technology would work for detecting malicious and adult-rated Web content other languages when compared to other DNS-based services available on the market, he said.

Some users favor Google's public DNS service over OpenDNS's because the latter responds with a custom search page when users try to access a non-existent domain name.

Yandex.DNS does not currently do that, Isaev said. However, the company is considering adding a search box to the warning pages displayed by the service when blocking access to a website, he said.

Yandex has launched a series of new products and services in recent years in order to remain competitive and preserve its market share lead over Google in Russia.

For example, last year the company released its own Web browser based on Google Chrome. Also, the company's website scanning technology is offered as a stand-alone library called Yandex Safe Browsing API, which is similar to how Google makes its own Google Safe Browsing API available for integration into third-party applications.