Domain name system cache integrity check
US-9300623-B1 · Mar 29, 2016 · US
US2016150004A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016150004-A1 |
| Application number | US-201514944381-A |
| Country | US |
| Kind code | A1 |
| Filing date | Nov 18, 2015 |
| Priority date | Nov 20, 2014 |
| Publication date | May 26, 2016 |
| Grant date | — |
Official abstract text for this publication.
There are provided measures for enabling/realizing an integrity check of a DNS server setting, thereby enabling/realizing detection of DNS hacking or hijacking. Such measures could exemplarily include triggering a DNS resolution operation by a service device configured to provide a service using the DNS server setting, wherein the DNS server setting is used for DNS resolution or DNS forwarding in service provisioning, acquiring the IP address of a DNS server device, which is configured to perform DNS resolution in service provisioning, by reading the IP address of the DNS server device included in a DNS message as part of the triggered DNS resolution operation by the service device, and processing the acquired IP address of the DNS server device for evaluating integrity of the DNS server setting used in service provisioning.
Opening claim text (preview).
1. A method of checking integrity of a DNS server setting, comprising triggering a DNS resolution operation by a service device configured to provide a service using the DNS server setting, wherein the DNS server setting is used for DNS resolution or DNS forwarding in service provisioning, acquiring the IP address of a DNS server device, which is configured to perform DNS resolution in service provisioning, by reading the IP address of the DNS server device included in a DNS message as part of the triggered DNS resolution operation by the service device, and processing the acquired IP address of the DNS server device for evaluating integrity of the DNS server setting used in service provisioning.
2. The method according to claim 1, wherein the DNS resolution operation refers to a domain name of a domain or sub-domain hosted by or under control of an integrity check device or an IP address of an integrity check device in service-related traffic, and the IP address of the DNS server device is read in a DNS request for requesting DNS resolution of the domain name into an IP address of the integrity check device or requesting DNS resolution of the IP address of the integrity check device into a domain name of a domain or sub-domain hosted by or under control of the integrity check device, which DNS request is sent from the DNS server device to a DNS server device of the integrity check device, or in a DNS reply for providing requested DNS resolution of the domain name into an IP address of the integrity check device or requested DNS resolution of the IP address of the integrity check device into a domain name of a domain or sub-domain hosted by or under control of the integrity check device, which DNS reply is sent from a DNS server device of the integrity check device to the DNS server device.
3. The method according to claim 1, wherein the DNS resolution operation refers to a uniquely determined domain or sub-domain hosted by or under control of the integrity check device.
4. The method according to claim 3, wherein the uniquely determined domain or sub-domain relates to a resource hosted by or under control of the integrity check device, such as a link on a website or an email address in an email communication.
5. The method according to claim 1, further comprising acquiring the IP address of the service device.
6. The method according to claim 5, wherein evaluating integrity of the DNS server setting of the DNS server device comprises retrieving the autonomous system number of the acquired IP address of the service device and the autonomous system number of the acquired IP address of the DNS server device, and comparing the retrieved autonomous system numbers.
7. The method according to claim 6, wherein retrieving the autonomous system numbers comprises performing an inquiry for the autonomous system numbers using the acquired IP address of the service device and the acquired IP address of the DNS server device, and extracting the autonomous system number of the acquired IP address of the service device and the autonomous system number of the acquired IP address of the DNS server device from an inquiry response.
8. The method according to claim 6, wherein the integrity of the DNS server setting used in service provisioning is evaluated to be violated when the autonomous system number of the acquired IP address of the service device differs from the autonomous system number of the acquired IP address of the DNS server device, or the integrity of the DNS server setting used in service provisioning is evaluated to be unknown when the autonomous system number of the acquired IP address of the service device differs from the autonomous system number of the acquired IP address of the DNS server device, and the acquired IP address of the DNS server device corresponds to an IP address of a commonly known DNS server device.
9. The method according to claim 1, wherein evaluating integrity of the DNS server setting of the DNS server device comprises assessing trustworthiness of the acquired IP address of the DNS server device by one or more of: verifying whether the acquired IP address of the DNS server device is included in a list of IP addresses of malicious DNS server devices, verifying whether the acquired IP address of the DNS server device is included in a list of IP addresses of trusted DNS server devices, and verifying whether the acquired IP address of the DNS server device is prevalent on the basis of a frequency and/or number of previous acquisitions of the acquired IP address of the DNS server device.
10. The method according to claim 9, wherein the integrity of the DNS server setting used in service provisioning is evaluated to be violated when it is verified that the acquired IP address of the DNS server device is included in the list of IP addresses of malicious DNS server devices, and/or when it is verified that the acquired IP address of the DNS server device is not included in the list of IP addresses of trusted DNS server devices, and/or when it is verified that the acquired IP address of the DNS server device is not prevalent.
11. The method according to claim 9, wherein assessing trustworthiness of the acquired IP address of the DNS server device comprises causing DNS resolution of the acquired IP address of the DNS server device into a domain name of the DNS server device, verifying whether the DNS server device is trusted using reputation information for the domain name of the DNS server device, and verifying whether the domain name of the DNS server device has a valid security certificate.
12. The method according to claim 11, wherein the integrity of the DNS server setting used in service provisioning is evaluated to be violated when it is verified that the DNS server device is not trusted, and/or when it is verified that the domain name of the DNS server device does not have a valid security certificate, and/or the security certificate is an SSL certificate.
13. The method according to claim 1, further comprising providing a result of the evaluation of the integrity of the DNS server setting used in service provisioning to the service device, wherein the provided evaluation result comprises an indication of observance or violation of the integrity of the DNS server setting, or an indication of observance or violation of the integrity of the DNS server setting together with statistical data with regard to usage of DNS server devices and/or DNS forwarder devices by service devices and/or potential integrity issues relating to the DNS server device.
14. The method according to claim 1, further comprising: determining whether the acquired IP address belongs to an open DNS resolver; measuring the time elapsed for acquiring the IP address of the DNS server device (TIME_NORMAL); measuring the time elapsed for making a DNS query directly to the open DNS resolver without using the DNS settings of the service device (TIME_DIRECT); and comparing the measured elapsed times, (TIME_NORMAL) and (TIME_DIRECT), with each other, wherein the DNS server setting used in service provisioning is evaluated to be violated when TIME_DIRECT is smaller than TIME_NORMAL by a predetermined amount.
15. An apparatus, comprising a memory configured to store computer program code, and a processor configured to read and execute computer program code stored in the memory, wherein the processor is configured to cause the apparatus to perform: triggering a DNS resolution operation by a service device configured to provide a service using the DNS server setting, where
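The abstract and claims 1 to 10 and 14 describe one procedure: hand the service device a unique name under a zone the integrity check device controls, let it resolve that name through whatever DNS setting it has, read off which resolver ends up asking the check device's authoritative server, and judge that resolver by ASN comparison, lists, prevalence and timing. The Python below is an added example written for this page; it is not code from the patent or from any product, and everything in it is assumed: the zone `check.example`, the static ASN table (RFC 5737 documentation prefixes mapped to RFC 5398 documentation ASNs, standing in for the IP-to-ASN inquiry of claim 7), the resolver lists, the prevalence counter and the constructed authoritative-server query log.

```python
"""Simulation of the DNS-setting integrity check described in the abstract and
claims 1-10 and 14.  Added example with constructed data: the integrity check
device runs the authoritative server for ZONE, each service device resolves a
unique <token>.ZONE, and the resolver's source IP in the authoritative query
log is the "IP address of the DNS server device" that gets evaluated."""
import ipaddress
import secrets
from collections import Counter
from dataclasses import dataclass

ZONE = "check.example"                    # hypothetical zone of the check device

# Static stand-in for the IP-to-ASN inquiry of claim 7 (documentation ranges only).
ASN_TABLE = {
    ipaddress.ip_network("198.51.100.0/24"): 64500,   # access ISP of the client
    ipaddress.ip_network("203.0.113.0/24"): 64501,    # operator of a public resolver
    ipaddress.ip_network("192.0.2.0/24"): 64496,      # unrelated network
}
WELL_KNOWN_RESOLVERS = {"203.0.113.53"}   # "commonly known DNS server" (claim 8)
MALICIOUS_RESOLVERS = {"192.0.2.99"}      # malicious-resolver list (claim 9)
TRUSTED_RESOLVERS = {"198.51.100.53"}     # trusted-resolver list (claim 9)
PREVALENCE_THRESHOLD = 3                  # sightings needed to count as prevalent

# Constructed query log of the authoritative server: "<ts> <src-ip> <qtype> <qname>".
AUTH_LOG = [
    "2016-03-29T10:00:01Z 198.51.100.53 A a1b2c3d4e5f60718.check.example.",
    "2016-03-29T10:00:02Z 192.0.2.66 A 0f0e0d0c0b0a0908.check.example.",
    "2016-03-29T10:00:03Z 203.0.113.53 A deadbeefcafef00d.check.example.",
    "2016-03-29T10:00:04Z 192.0.2.99 A 1111222233334444.check.example.",
    "2016-03-29T10:00:05Z 203.0.113.53 A deadbeefcafef00d.check.example.",  # retry
    "2016-03-29T10:00:06Z 192.0.2.1 A www.unrelated.example.",             # noise
]
# Constructed count of earlier acquisitions per resolver IP (claim 9, prevalence).
PREVALENCE = Counter({"198.51.100.53": 120, "203.0.113.53": 900, "192.0.2.66": 1})


@dataclass
class Verdict:
    status: str          # "OK", "VIOLATED" or "UNKNOWN"
    reasons: list


def make_check_name(zone=ZONE, token=None):
    """Unique sub-domain for one service device (claims 3-4); a fresh token per
    check stops a cached answer from hiding the resolver actually in use."""
    return f"{token or secrets.token_hex(8)}.{zone}"


def asn_of(ip):
    """Longest-prefix lookup in ASN_TABLE; None if the address is unknown."""
    addr = ipaddress.ip_address(ip)
    hits = [(n.prefixlen, a) for n, a in ASN_TABLE.items() if addr in n]
    return max(hits)[1] if hits else None


def parse_auth_log(lines, zone=ZONE):
    """token -> source IP of the first resolver that asked for <token>.<zone>."""
    seen = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue
        src, qname = parts[1], parts[3].rstrip(".").lower()
        if qname.endswith("." + zone):
            seen.setdefault(qname[: -len(zone) - 1], src)
    return seen


def evaluate(client_ip, resolver_ip, prevalence):
    """Apply the list, ASN and prevalence rules of claims 8-10 to one acquisition."""
    if resolver_ip in MALICIOUS_RESOLVERS:
        return Verdict("VIOLATED", ["resolver is on the malicious list"])
    if resolver_ip in TRUSTED_RESOLVERS:
        return Verdict("OK", ["resolver is on the trusted list"])
    client_asn, resolver_asn = asn_of(client_ip), asn_of(resolver_ip)
    if client_asn is None or resolver_asn is None:
        return Verdict("UNKNOWN", ["ASN inquiry failed for client or resolver"])
    if client_asn == resolver_asn:
        return Verdict("OK", [f"client and resolver both in AS{client_asn}"])
    reasons = [f"ASN mismatch: client AS{client_asn}, resolver AS{resolver_asn}"]
    if resolver_ip in WELL_KNOWN_RESOLVERS:
        # Claim 8: a mismatch alone is not proof when the resolver is a public one.
        return Verdict("UNKNOWN", reasons + ["resolver is a commonly known public resolver"])
    if prevalence[resolver_ip] < PREVALENCE_THRESHOLD:
        reasons.append(f"resolver seen only {prevalence[resolver_ip]} time(s) before")
    return Verdict("VIOLATED", reasons)


def timing_check(time_normal, time_direct, margin):
    """Claim 14: if querying the open resolver directly beats the client's normal
    path by more than `margin` seconds, an extra hop (e.g. a rogue forwarder)
    sits between the client and the resolver it appears to use."""
    return "VIOLATED" if time_direct < time_normal - margin else "OK"


def run_check(client_ip, token, log_lines=AUTH_LOG, prevalence=PREVALENCE):
    """End-to-end check for one service device identified by its token."""
    resolvers = parse_auth_log(log_lines)
    if token not in resolvers:
        return Verdict("UNKNOWN", ["no query for this token reached the authoritative server"])
    return evaluate(client_ip, resolvers[token], prevalence)


if __name__ == "__main__":
    for tok in ("a1b2c3d4e5f60718", "0f0e0d0c0b0a0908", "deadbeefcafef00d", "1111222233334444"):
        v = run_check("198.51.100.10", tok)
        print(f"{tok}: {v.status:8} {'; '.join(v.reasons)}")
    print("timing:", timing_check(time_normal=0.120, time_direct=0.040, margin=0.050))
```

Two limits of the approach are worth keeping in mind when reading the claims. The authoritative server only ever sees the egress address of the last resolver in the chain, so a rogue forwarder that relays to a well-known public resolver looks exactly like a client that chose that public resolver on purpose; that is the "unknown" outcome of claim 8, and the timing comparison of claim 14 exists to separate the two cases. The ASN comparison also misfires for ISPs whose resolvers sit in a different AS than their access network, and many resolvers use several egress addresses, so a deployment would keep an allow list and track prevalence per prefix or ASN rather than per address.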
Event detection, e.g. attack signature detection · CPC title
Vulnerability analysis · CPC title
Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers · CPC title
Electricity · mapped topic
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title