6 DNS services protect against malware and other unwanted content
- 28 January, 2015 06:38
While many (but not all) users are familiar with the concept of security software, there are more basic ways to protect unwary surfers from phishing sites, botnets, intrusive advertising and other unwanted visitors: DNS services.
First, a quick primer for those who are unfamiliar with DNS: You utilize the Domain Name System (DNS) every time you surf the Web. Each time you type a site name into the browser, DNS is queried for the IP address corresponding to that particular domain, so the browser can contact the Web server to get the content. (The process of converting the domain name to its IP address is called domain-name resolution.)
There are actually two main types of DNS servers: recursive and authoritative. The ones that are used by most individuals and small companies (and that are covered here) are called recursive DNS and are the default services provided by most Internet Service Providers (ISPs). All the companies listed here offer recursive DNS services. Some of them, however, also sell authoritative DNS services, which allow website owners or hosts to define the Web server IP addresses that their domain names point to and to manage other DNS settings.
Since DNS servers are the middlemen between your browser and website content, there are many third-party DNS services that offer additional functionality for both users and network administrators. These tools can include:
- Content filtering. This can be conveniently implemented to block adult sites and other unwanted content, while requiring no software on the computers and devices.
- Malware and phishing blocking. The same content filtering can also be used to block sites containing viruses, scams and other dangerous content.
- Protection against botnets. This blocks communication with known botnet servers so your computer isn't taken over.
- Advertisement blocking. This is another type of content filtering, which some DNS services specifically concentrate on.
- URL typo correction. For instance, if you typed gogle.com it would correct to google.com.
In this article, I identify and describe several of these services. Many -- in fact, most -- are either completely free of charge or offer a number of free features that might make it worth your while to take a look.
Because there are so many DNS services available, for this list I chose those that provide some type of automatic or preconfigured content filtering (and I describe where you are sent when the filter kicks in, which can range from a straight "nothing to be found here" page to an ad-filled cacophony).
It's easy to switch to a different recursive DNS service. Simply change the IP addresses for DNS in the Internet settings of your router to apply it to the entire network, or change the DNS settings on select computers or devices. Without further intervention, you'll receive the DNS service's preconfigured security or filtering protection. Some services also allow you to create an account to customize the level of protection and messages that appear when a site is blocked.
Remember, the speed, reliability and performance of DNS servers can vary. Slow or poor domain resolution can translate into slower and less reliable web browsing. You can run speed tests on DNS servers (I recommend namebench) so that you can compare their performance at your particular location.
Free for: Personal use only
DNS Addresses: 220.127.116.11 and 18.104.22.168
Comodo Secure DNS offers a simple free service for personal use. It is preconfigured to block harmful websites, such as those containing malware, spyware and phishing attempts. Additionally, it claims to offer a more reliable, faster and smarter DNS service than those provided by most ISPs.
Like Dyn, Comodo also sells services that include authoritative DNS services for websites and many other security solutions, such as SSL certificates, secure email services, antivirus and even PCI compliance services.
When a site is blocked by Comodo Secure DNS, a warning page is displayed. It shows the reason why the page is blocked and allows the user to disregard and continue to the blocked site anyway. When a user continues to a blocked site, he or she can choose how long to allow access to the site.
In the case of nonexistent or unresponsive domains, users see a page called Comodo Secure DNS Search. Suggested search terms or phrases are displayed based upon the domain they're trying to visit, in addition to a search field. One big downside of the search: Although the site says the results are powered by Yahoo, only sponsored links are given, not true search results.
Keep an eye out for future updates from Comodo. Currently in beta, Comodo SecureDNS 2.0 offers customizable content filtering and is also being marketed towards businesses.
Free for: Personal or business use
DNS Addresses: 22.214.171.124 and 126.96.36.199
Dyn Internet Guide is a free service offered to the general public for personal or commercial use. Its basic preconfigured service automatically blocks malware and phishing sites, and offers typo correction.
Dyn also offers authoritative DNS services: hostnames for remote access and full DNS solutions for websites.
In addition, Dyn offers customizable content filtering if you create an account. You can block up to 30 pre-defined content categories and create custom white- and blacklists. Although the company says this Internet Guide subscription is free, to use it you must sign up for Dyn's separate, fee-based Remote Access (DynDNS) service. Pricing for Remote Access starts at $25/year (there is a 14-day free trial). Additionally, you must log in every 30 days to keep your free Internet Guide account active.
Dyn offers two other Internet Guide subscriptions: Pro at $10/year and Premium at $20/year; neither requires the Remote Access service if your Internet connection uses a static IP address. Both provide the same functionality -- additional static or dynamic addresses, defense plans, whitelists and blacklists -- with the more expensive option offering more of each. The Pro and Premium plans also provide access to phone and email support.
When a user tries to visit a site that's been blocked by the content filtering settings of Internet Guide, an alert page is shown citing the reason why the page is blocked. When a site is detected as malware or phishing via the Internet Guide's automatic protection, the user is allowed to bypass and continue to the site -- unless that particular site or content category has been explicitly blocked via Internet Guide's settings.
For nonexistent or unresponsive domains, users by default see the Internet Guide showing search results related to the non-working domain with a Google-like look and feel. If you create a free or premium account, you can optionally disable this Internet Guide feature.
Free for: Personal or business use
DNS Addresses: 188.8.131.52 and 184.108.40.206
FoolDNS provides both free and commercial services, targeted towards home and small business use. It's primarily designed to block online tracking, profiling and advertisements, but also blocks malware and phishing sites.
The premium services include additional functionality and are offered in two different versions. The Audit version adds reporting, logging and the ability to create white- and blacklists. The Business version adds filtering of 2 million unsafe domains, more reporting capabilities and the ability to customize filtering via 20 predefined categories.
When a page is blocked -- for example, if there is malware detected -- a very simple page is shown saying the domain is filtered. No landing page is displayed for nonexistent or unresponsive domains, allowing the Web browser to display its own default error page.
Free for: Personal or commercial use
DNS Addresses: 220.127.116.11 and 18.104.22.168
GreenTeam Internet provides both free and premium services for homes and small businesses. Its free preconfigured service automatically blocks malware and phishing sites, advertisements and adult-related content, including aggressive, violent and drug-related sites.
When you create a free account you can customize the content filtering by choosing among three predefined protection levels and 47 predefined categories, and you can create custom whitelists and blacklists. Paid accounts, according to the company, provide "more control, further customization and a wider protection."
When a site is blocked, the user is notified and told which category the site is classified as. On the blocked page, the user can report the page or send an email to GreenTeam asking to unblock it. Users can also enter their email to be notified if the page becomes unblocked. When using a free or premium account, the local network administrator can also include a customized message on the blocked page.
GreenTeam Internet doesn't provide a landing page for nonexistent or unresponsive domains, allowing the Web browser to display its default error page in those instances.
Free for: Personal use
DNS Addresses: Vary based upon desired protection
Norton ConnectSafe provides three preconfigured DNS servers, free for personal use with no account needed:
- Security: The most basic service that automatically blocks malware, phishing and scam sites, and uses the DNS addresses of 22.214.171.124 and 126.96.36.199.
- Security + Pornography: Adds blocking of sexually explicit material; uses the DNS addresses of 188.8.131.52 and 184.108.40.206.
- Security + Pornography + Other: Adds blocking of other mature content, like alcohol, crime, drugs and gambling; uses the DNS addresses of 220.127.116.11 and 18.104.22.168.
There is also a business service that requires a paid subscription and that offers the same first two levels (via different DNS addresses); the third level blocks P2P file sharing instead of other mature content.
When they hit a blocked site, users see a page saying it's blocked and why, and there's a link to email Norton to dispute its blocking. There are no third-party ads on the page, but an ad for Norton products does appear.
The page shown for nonexistent or unresponsive domains doesn't contain advertisements, but offers a search field that will display results powered by Ask.com if the user decides to perform a search.
Free for: Personal or business use for Enhanced DNS; personal use only for other home and family services
DNS addresses: 22.214.171.124 and 126.96.36.199 ("FamilyShield" DNS addresses: 188.8.131.52 and 184.108.40.206)
OpenDNS is one of the most popular third-party DNS providers around, offering both free and premium services for homes and businesses. Its most basic free service is called Enhanced DNS, which is provided via the company's main DNS addresses and is preconfigured to block malware and phishing sites.
OpenDNS also offers different service options for personal home use:
- OpenDNS FamilyShield: Similar to Enhanced DNS, but also preconfigured to block adult content.
- OpenDNS Home: Similar to Enhanced DNS, but offers customizable filtering and security options, including white- and blacklists, customizable messages for blocked pages and basic logs and stats. It uses the same main addresses as Enhanced DNS but requires you to create an account.
- OpenDNS Home VIP: Premium service similar to the Home service with usage stats and support, priced at $19.95 per year. It uses the same main addresses as Enhanced DNS and also requires you to create an account.
OpenDNS' basic business service, called Umbrella, offers advanced security and management, useful for larger networks and enterprise environments. Umbrella Prosumer handles up to five users, while the Umbrella service, which caters to larger businesses, is offered in three different levels with varied advanced features and functionality.
When a webpage is blocked, users see a simple page saying it's blocked and why. Network administrators who are using a free or paid account can add a note and contact form to the page so the user can request the website be unblocked. When using the Umbrella services on a business network, administrators can enter bypass codes to instantly unblock websites. Similar functionality is available when using the OpenDNS home services on a Netgear router (according to Netgear, most of its newer routers support it) with Netgear's Live Parental Controls.
Users who try to access a nonexistent or unresponsive domain will see the browser's default error page. OpenDNS' free services used to have advertisements on this page, which OpenDNS called the Internet Guide. However, as of June 2014, all advertisements have been removed.
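The behavior described for each service on nonexistent domains (an honest error versus a search or landing page) can be checked at the DNS level by asking the resolver for a name under `.invalid`, a reserved top-level domain that never exists. The following is an added example, not code from the original article or from any listed provider; the function names and the sample replies, including the address 192.0.2.10, are constructed for illustration.

```python
import random, socket, struct

def build_query(name, qid):
    # RFC 1035 wire format: header with RD set, one question, QTYPE=A, QCLASS=IN.
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack("!HH", 1, 1)

def skip_name(msg, off):
    # Step over a domain name; a compression pointer (top bits 11) ends it.
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_response(msg):
    # Return (rcode, [IPv4 strings from A records in the answer section]).
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # name + QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, addrs

def classify(rcode, addrs):
    # .invalid is reserved (RFC 6761) and never exists, so any address is synthetic.
    if rcode == 3:
        return "nxdomain"
    return "rewritten" if rcode == 0 and addrs else "other"

def probe(resolver_ip, timeout=3.0):
    # Live check (needs network): ask resolver_ip for a random name under .invalid.
    name = "nx-%08x.invalid" % random.getrandbits(32)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, random.getrandbits(16)), (resolver_ip, 53))
        return classify(*parse_response(s.recv(512)))

# Constructed sample replies for nx.invalid (not captured traffic); 192.0.2.10 is a documentation address.
_Q = build_query("nx.invalid", 0x1234)[12:]
SAMPLE_NXDOMAIN = struct.pack("!HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0) + _Q
SAMPLE_REWRITTEN = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + _Q + b"\xc0\x0c"
                    + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton("192.0.2.10"))
```

A result of "nxdomain" means the browser will show its own error page; "rewritten" means the resolver substitutes an address of its own, which also affects non-browser software that relies on NXDOMAIN to detect a missing host.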