DNS blocks

Our default DNS servers block access to known bad domains that host malicious content, such as malware or phishing fraud. These DNS servers are the ones your device uses when you connect to Wi-Fi / eduroam, for example.

If you follow a link to a blocked domain, you will be redirected to a "site blocked" web page like this. The blocks are implemented using a "DNS firewall" technology called DNS RPZ.

Please report sites that should be blocked to csirt@uis.cam.ac.uk

For other questions or comments, please contact <servicedesk@uis.cam.ac.uk>.

Why we have DNS blocks

It is relatively common for a spammer to send a batch of malicious email messages that are all delivered before our spam filters can be updated to block them. The recipients are then relying on their anti-virus software or safe browsing filters for protection.

However, mass-market filters are not particularly good at dealing with small-volume targeted attacks, like a lot of phishing attacks.

So, the purpose of our DNS RPZ system is to block access to known malicious sites, especially sites that target the University.

Other security infrastructure

All external DNS traffic passes through the University's Cisco Firepower intrusion prevention system, and is subject to inspection. In unusual circumstances legitimate traffic can be blocked, although this is rare. If you need help with DNS lookup problems, please contact <servicedesk@uis.cam.ac.uk>.