Faster and Safer Internet? Here's How...
Today’s topic might sound geeky, but I promise I'll explain it all in plain English and show you how to make your Internet usage both faster and safer, for adults and curious kids. In the past, I have recommended using alternative DNS as a means to a faster and more reliable Web browsing experience. But faster Web surfing isn't the only benefit of switching your DNS servers. Read on...
Improved Speed and Safety on the Info-Superhighway
Let's start by de-geekifying the DNS acronym. DNS stands for "Domain Name Service" and it's a service normally provided by your Internet Service Provider (ISP). Here's why it's necessary... Humans refer to websites by their common "dot com" names, but the computers that run things on the Internet know them only by numbers known as IP (internet protocol) addresses. When you tell your browser you want to visit a certain website, it must connect to a DNS server to translate that website name into a numeric IP address.
Normally, the DNS server that does that name-to-number lookup is operated by your ISP, but there's no technical reason why that must be so. Alternate DNS services can be used to speed up web surfing, provide an additional layer of security, correct typos, or assign shortcuts to commonly-typed website names. Here are some free alternative DNS services you can try.
OpenDNS Home is one such service, used by over 30 million people at Fortune 50 companies, small businesses, schools, and homes. The free service doesn't require you to sign up for anything, or install any software. By twiddling a few numbers in your router's setup screens, you can speed up web surfing. But you can also filter out malware, phishing sites, botnets, If you also want to filter out adult content, use the OpenDNS Family Shield instead. It works exactly the same as the OpenDNS Home service, but is preconfigured to block sites that may not be appropriate for younger users.
OpenDNS works with one of the leading anti-phishing projects on the Internet. PhishTank.com is a collaborative effort to identify and block phishing websites one bogus URL at a time. Any registered user can submit a suspected phish to PhishTank via email or the site’s “Add A Phish” uploading feature.
Each suspect URL is evaluated by a worldwide community of security consultants, academics, and registered users. When at least two users agree it’s a phish, the bogus URL is added to PhishTank’s database of verified phishing links. The number of votes needed to verify a phish varies depending on the reputations of the voters. Reputation is established by being right more often than you are wrong. Users who submit lots of false positives – URLs that turn out not to be phishing sites – and who, more often than not, incorrectly label others’ submissions as phish or not-phish, will have lower reputation ratings.
False positives – URLs incorrectly labeled “phish” by the community – can also be reported. PhishTank’s staff will review the classification and revise it if warranted. OpenDNS draws upon many resources such as PhishTank to decide which URLs and IP addresses to blocks for its users who have phishing protection enabled. It’s possible that a URL labeled “phish by the PhishTank community will not be blocked by OpenDNS.
The data collected and vetted via PhishTank is shared publicly and is used by other companies that develop web browsing and Internet security tools. Among them are Opera, WebOfTrust, Yahoo! Mail, McAfee, Carnegie-Mellon University, Mozilla, Kaspersky, and Avira.
Separately, OpenDNS Domain Tagging offers users the option to label websites with tags such as “adult,” “violence,” “social network,” “gambling,” and so on. Registered users can tag a domain, but it takes a consensus of the community to make that tag “stick.” OpenDNS users can use the tagging system to block selected categories of content, if desired.
It's Nice to Have Choices
You have options when it comes to selecting an alternate to your ISP's DNS servers.
- Google Public DNS is similar to OpenDNS, promising increased security and better performance.
- Cloudflare is a web services company that specializes in blocking denial of service attacks. Their website says Cloudflare's DNS service is "the fastest in the world, and simple to use."
- Control D's free DNS offers some interesting customization options. You can use the Unfiltered option, or pick and choose the types of content you want to block. Filtering options include Malware, Adult Content, Drugs, Dating, Gambling, Government, and Social Networks.
Which alternate DNS service is best? My answer is try more than one! You can compare the speed of OpenDNS, Google and other DNS servers with the DNS Benchmark tool.
But Does It Work?
There's really no downside to switching your DNS nameservers from the ones provided by your Internet Service Provider to the OpenDNS ones. Most users will see slightly improved page loading time, less "lag" when contacting a website, and fewer errors with unreachable websites. You should jot down your ISP's nameserver addresses in case you want to switch back.
I am somewhat skeptical about the “wisdom of the crowd” method used by PhishTank and OpenDNS. Phishing sites come and go rapidly, and I can’t believe that a “committee” of tens of thousands can keep up with the bad guys on every front. But if it blocks the most common phishing attacks, there's value in that. Just don't assume it will protect you from EVERY known phishing threat, and continue to use caution about clicking links you see in emails.
The “parental controls” offered by OpenDNS and Control D are probably more effective; p*rn, piracy and social media sites don’t change domain names nearly as often as phishing sites do. But like every parental-control program ever created, OpenDNS blocks some sites that arguably are not harmful to children. Also, its blocking applies to one’s entire network, so Mom and Dad have to give themselves permission to view “adult” sites like La Leche League, or shop at Victoria's Secret.
>h2>Please Pass the Caveat...
If you configure your Internet router with the OpenDNS nameservers, it's important to remember that it can protect only the computers, laptops and other devices that are connected to it, via a wired or wireless connection. When away from home, or outside of WiFi range, OpenDNS can't protect any mobile devices such as laptops, smartphones or tablets. However, you also have the option to modify the DNS settings on individual devices, rather than (or in addition to) your router. This OpenDNS setup guide will walk you through the steps to make it happen. Just remember to record your current nameserver settings somewhere as a backup, in case you want or need to switch back.
Do you use an alternative DNS offering to boost your speed or security online? Your thoughts are welcome, post a comment or question below…
This article was posted by Bob Rankin on 10 Oct 2022
|For Fun: Buy Bob a Snickers.|
Power User Search Tips and Tricks
The Top Twenty
Is Your DNA (and your privacy) For Sale Online?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Faster and Safer Internet? Here's How... (Posted: 10 Oct 2022)
Copyright © 2005 - Bob Rankin - All Rights Reserved