Bundaburra

DNS Servers

Recommended Posts

In the blog "13 mistakes to avoid", under the heading "SSL inspection practice", it says " DNS based filtering is the way to go, if you’re worried about your SSL security.".  What does this mean?  I use the DNS servers provided by my ISP, but I know there are others, some of which are said to offer enhanced security and filtering.  Does Emsisoft have any recommendation about which DNS servers to use?

(Windows 10 1709, Firefox 58.0.1, EAM 2018.1.1.8439)) 

Share this post


Link to post
Share on other sites

That article only described 2 different methods to filter web traffic. One with SSL inspection performing MITM and the other by filtering DNS requests.

Emsisoft uses built-in filtering of malicious websites that is conducted via DNS requests being filtered. You don't need specific additional DNS server to improve filtering.

 

  • Like 1

Share this post


Link to post
Share on other sites

Quad 9 is another good option w/malicious site blocking, but they're still working out some routing quirks in certain regions (Oceania, Eastern Europe, South America)

Share this post


Link to post
Share on other sites
  • Quad9 - 9.9.9.9 (IBM)
  • Level3 – 209.244.0.3 y 209.244.0.4
  • Verisign – 64.6.64.6 y 64.6.65.6
  • Google – 8.8.8.8 y 8.8.4.4
  • WATCH – 84.200.69.80 y 84.200.70.40
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20
  • OpenDNS Home – 208.67.222.222 y 208.67.220.220
  • DNS Advantage – 156.154.70.1 y 156.154.71.1
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10
  • GreenTeamDNS – 81.218.119.11 y 209.88.198.133
  • SafeDNS – 195.46.39.39 y 195.46.39.40
  • OpenNIC – 96.90.175.167 y 193.183.98.154
  • SmartViper – 208.76.50.50 y 208.76.51.51
  • Dyn – 216.146.35.35 y 216.146.36.36
  • FreeDNS – 37.235.1.174 y 37.235.1.177
  • Alternate DNS – 198.101.242.72 y 23.253.163.53
  • DNS – 77.88.8.8 y 77.88.8.1
  • dk – 91.239.100.100 y 89.233.43.71
  • Hurricane Electric – 74.82.42.42
  • puntCAT – 109.69.8.51

Share this post


Link to post
Share on other sites

Do all of those have DNS filtering options, or are they just alternative DNS services?

Share this post


Link to post
Share on other sites

what I know:

  • OpenDNS Home – 208.67.222.222 y 208.67.220.220 - FILTERING
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20 - Security
  • Quad9 - 9.9.9.9 (IBM) - Privacy and Security
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10 - Security

The other  just alternative DNS services

Please, If I'm wrong, please have someone with more information correct what I mentioned above... :rolleyes:

Share this post


Link to post
Share on other sites
13 hours ago, onbox said:

what I know:

  • OpenDNS Home – 208.67.222.222 y 208.67.220.220 - FILTERING
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20 - Security
  • Quad9 - 9.9.9.9 (IBM) - Privacy and Security
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10 - Security

The other  just alternative DNS services

Please, If I'm wrong, please have someone with more information correct what I mentioned above... :rolleyes:

Yup, you're correct.

 

OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection.

Quad9 uses a bunch of vendors' threat intelligence feeds to block malicious and phishing sites.

Comodo is vague, but claim they use RBLs. They aren't RFC-compliant with regard to DNS TTLs. No idea whether they redirect on NXDOMAIN (I don't trust Comodo as a company, so I haven't used this svc)

Norton uses their own threat intelligence feeds to block phishing, malicious sites, etc, but last I checked, they redirect instead of returning NXDOMAIN, and partner with ask.com for that monetization stuff (yuck).

  • Upvote 1

Share this post


Link to post
Share on other sites
6 hours ago, m0unds said:

OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection.

OpenDNS also has protection against DNS spoofing and such, although the others probably do as well.

Share this post


Link to post
Share on other sites
4 minutes ago, GT500 said:

OpenDNS also has protection against DNS spoofing and such, although the others probably do as well.

yea, DNS cache poisoning is increasingly rare because common DNS servers like bind, unbound, etc. do it by default

Share this post


Link to post
Share on other sites
On 3/1/2018 at 9:25 PM, Azure Phoenix said:

Heimdal - paid software but they also provide DNS filtering.

I assume you mean they monitor application DNS lookups similar to how Emsisoft Anti-Malware does, and block any DNS queries for known malicious websites?

Share this post


Link to post
Share on other sites

OK, so they do a basic form of local DNS filtering, and network traffic filtering. I am a bit curious as to whether or not their system would slow down DNS queries, however that probably depends on the computer and the speed of the Internet connection (higher latency connections would experience more of a slowdown).

One unfortunate thing about it is that they transmit data about every website you visit to their "cloud network" (which is fancy marketing terminology for their servers). We assume that being a computer security company they're smart enough to encrypt the data, and that they don't save any of it, however even a lot of computer security companies will save data like that just for statistical purposes (even if they don't log what IP address the data came from).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.