|Caching of DNS addresses||yes||yes|
|Resoluiton of DNS requests locally||yes||yes|
|Redirection to custom DNS servers||yes||yes|
|Blocking of DNS requests with name wildcards||yes||yes|
|Monitoring of DNS activity showing fulfilled and blocked requests||yes||yes|
|Loading and saving of DNS cache into a file||yes||yes|
|System tray icon||yes||yes|
|Automatic cleanup of rules upon exit||yes||yes|
|License to use for more than 30 days||no||yes|
|Price (in USD)||-||$37.95|
|Latest version||3.2 , 10 Jun 2016 , [Change Log]|
|Supported networking||Ethernet, IPv4, IPv6, TCP, UDP.|
|Prerequisites||up-to-date root certificates (or it will take 2 minutes to start).|
|Supported OSes||Windows 2008 R2*, 7*, 8, 8.1,
2012, 2012 R2, 10.
*For Windows 2008 R2 and 7, required Service Pack 1 + KB3033929 (SHA-2 digital signing).
|Recommended hardware||CPU 1GHz and above, modern graphics card.|
|Additional hardware required||none|
The DNS caching technology has made another step forward with the release of Portable DNS Cache. Now, cache records can be saved into a file and loaded upon request. This software exposes intricacies of communication between a computer and DNS servers, it monitors requests and responses, differentiates requests resolved locally from requests resolved via DNS servers, it filters and blocks unwanted domain names according to filtering patterns. The real-time monitoring and firewall capabilities reveal "the secrets" of many programs that are sneaking to the Internet behind your back. The simplicity of the user interface allows performing tasks quickly and intuitively. No need to configure. Just start it and see it all.
The DNS system has been around for many years. It serves as a foundation for translating textual names (domain names) into IP addresses used by computers to communicate with each other.
When connecting to a website, popular Internet browsers like Internet Explorer, Firefox, Mozilla, and Chrome first trying to break down internet addresses on several parts. One of the parts is a domain name. The domain name is what is sent to DNS servers to obtain the IP address of a server.
Even without explicit request by a user, modern software often accesses the Internet. Many users are not even aware of such communication as it happens in the background, without user involvement and notifications. The examples of software with automatic Internet access include desktop gadgets, software with auto update capabilities, online backup software, time synchronization services, background downloading software, file sharing services, and also the whole category of malicious software.
The Internet communication and browsing is not the only area where DNS is used. The DNS name resolution is often used on corporate networks to provide names of corporate file, print, and web servers for anybody who tries to access them.
The DNS resolution process often goes through several stages. First, is the attempt of a computer to resolve a name via local cache. It is done to save time and computer resources. Pretty much every computer has some sort of DNS cache which holds recently resolved domain names. Such cache is stored on the local machine and is not available for transfer to others. It is rarely viewed directly even by IT professionals. That is one area where Portable DNS Cache comes in handy. It maintains the DNS cache, shows its content, and resolves names from the cache instead of sending to a DNS server. Thus even if a DNS server does not have a record for the domain name, or actively blocking it, or simply has a different IP address for the domain name, the IP address from the cache will be used. In addition to that, Portable DNS Cache makes it easy to delete cached records or create from them filters for blocking or allowing such domain names in the future.
The next two stages in DNS communication are sending a request to a DNS server and receiving a response. Using its firewall capabilities, the Portable DNS Cache verifies the communication. It blocks the DNS requests or lets them through depending on filtering rules that are created by a user. Whichever action is taken a logging record is created and displayed in the Resolver Log.
Many types and kinds of communication one way or the other rely on DNS resolution. That is why it is important to know and be aware of ongoing DNS communication as this holds the key to detecting and stopping suspicious activity before it is too late. By blocking DNS resolution, any further communication to that domain is essentially blocked. It is very simple! If a computer does not know the IP address of a domain name, it is not able to use it for connecting!
The Portable DNS Cache is designed to expose the DNS communication that is happening in the background, provide portability for cached records, and block the resolution of unwanted domain names.
The user interface consists of control elements (menus and toolbars), and 3 tabbed pages that provide different information about the DNS communication.
The opening and saving a file works on a single file. The data from the Cache page and the Filters pages are loaded and stored together. Certain fields of items from Cache page (like Queries and Cache Responses) are cleared upon loading.
Other operations allow changing the theme for the user interface, placing an icon on the Windows system tray upon minimizing, and keeping the window on top of other windows.
This page shows records stored in the cache.
The icon next to a record shows that a request for a DNS domain name was issued, but a response was not yet received. Usually a record stays in this state for a short period of time between the request sent and the reply received with one exception - when a blocking filter is active for that domain name. The icon next to a record shows that it contains both a request and a response and Portable DNS Cache will use that data instead of sending requests to DNS servers.
The Cache page has several useful fields helping to better understand the dynamics of cache population and resolution. The fields are as follows.
|Host Name||The exact domain name from the DNS request|
|IP||The list of IP addresses from the DNS response|
|Added||The time when the record was first created. Essentially, the time when the first request was created. For the records loaded from a file, it contains the time when the file was loaded.|
|Accessed||The time when the record was last accessed for DNS resolution.|
|Queries||The number of queries since the record was created or loaded from a file.|
|Cache Responses||The number of responses that ware taken from the cache instead of sending to DNS servers.|
|Start/Stop recording into the cache||When the Recording is enabled, the responses from DNS servers are stored into the cache.|
|Enable/Disable Playback from the cache.||Whenever the Playback is enabled the Portable DNS Cache can use the cached records to satisfy DNS requests without passing them to DNS servers. Whenever the Playback is disabled, all DNS requests are passed straight through to DNS servers and received responses are forwarded to the programs which originated the requests.|
|Clear cache||Clear the whole cache.|
|Delete selected records||Delete selected records.|
This page contains the log of DNS resolution activity. All activity is being recorded here. The log cannot be saved into a file.
The image denotes that the DNS request was blocked
The image denotes that the DNS request was sent to a DNS server
The image denotes that the original DNS request was resolved via passing the request to a DNS server and passing the request from the DNS server back to the issued it program. In other words, it indicates that the request was not resolved from the cache.
The image denotes that the original DNS request was resolved via cache without sending any data to a DNS server. Such resolution saves time on data travel between a computer and a DNS server.
The image denotes that the DNS server responded that it is unable to resolve the domain name.
Whenever the Resolver Log page is active, its toolbar is active too. The toolbar allows to:
|Pause the Log||Prevent new DNS activity items from showing up in the log.|
|Clear the Log||Clear all log entries.|
This page contains filters that specify the rules allowing or blocking certain domain names. The firewall functionality of Portable DNS Cache uses them to make real-time decisions.
Each filter has several attributes.
|Host Name Pattern||The pattern for the domain name matching. It may include '*' (asterisk) symbol in different places. It denotes any number of any characters.|
|Apply when there is no match||When checked, the filter action is executed for the domain names NOT matching to the Host Name Pattern.|
|Action: Block||Blocks the request|
|Action: Never Block||Prevents the matching to the pattern domain name from being blocked by any other rules. In other words, such request will never be blocked.|
|Enabled||Enabled/Disabled flag. Only enabled filters have an effect in determining an action for a domain name.|
* Windows® is a registered trademark of the Microsoft Corporation.