Jump to content

DNS Servers

Bundaburra

By Bundaburra,
in Emsisoft Anti-Malware Home

 Share

Recommended Posts

Bundaburra

Bundaburra

Posted
Posted

In the blog "13 mistakes to avoid", under the heading "SSL inspection practice", it says " DNS based filtering is the way to go, if you’re worried about your SSL security.".  What does this mean?  I use the DNS servers provided by my ISP, but I know there are others, some of which are said to offer enhanced security and filtering.  Does Emsisoft have any recommendation about which DNS servers to use?

(Windows 10 1709, Firefox 58.0.1, EAM 2018.1.1.8439)) 

Link to comment
Share on other sites
Minimalist

Minimalist

Posted
Posted

That article only described 2 different methods to filter web traffic. One with SSL inspection performing MITM and the other by filtering DNS requests.

Emsisoft uses built-in filtering of malicious websites that is conducted via DNS requests being filtered. You don't need specific additional DNS server to improve filtering.

 

  • Like 1
Link to comment
Share on other sites
GREGORY

GREGORY

Posted
Posted
  • Quad9 - 9.9.9.9 (IBM)
  • Level3 – 209.244.0.3 y 209.244.0.4
  • Verisign – 64.6.64.6 y 64.6.65.6
  • Google – 8.8.8.8 y 8.8.4.4
  • WATCH – 84.200.69.80 y 84.200.70.40
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20
  • OpenDNS Home – 208.67.222.222 y 208.67.220.220
  • DNS Advantage – 156.154.70.1 y 156.154.71.1
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10
  • GreenTeamDNS – 81.218.119.11 y 209.88.198.133
  • SafeDNS – 195.46.39.39 y 195.46.39.40
  • OpenNIC – 96.90.175.167 y 193.183.98.154
  • SmartViper – 208.76.50.50 y 208.76.51.51
  • Dyn – 216.146.35.35 y 216.146.36.36
  • FreeDNS – 37.235.1.174 y 37.235.1.177
  • Alternate DNS – 198.101.242.72 y 23.253.163.53
  • DNS – 77.88.8.8 y 77.88.8.1
  • dk – 91.239.100.100 y 89.233.43.71
  • Hurricane Electric – 74.82.42.42
  • puntCAT – 109.69.8.51
Link to comment
Share on other sites
GREGORY

GREGORY

Posted
Posted

what I know:

  • OpenDNS Home – 208.67.222.222 y 208.67.220.220 - FILTERING
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20 - Security
  • Quad9 - 9.9.9.9 (IBM) - Privacy and Security
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10 - Security

The other  just alternative DNS services

Please, If I'm wrong, please have someone with more information correct what I mentioned above... :rolleyes:

Link to comment
Share on other sites
m0unds

m0unds

Posted
Posted
13 hours ago, onbox said:

what I know:

  • OpenDNS Home – 208.67.222.222 y 208.67.220.220 - FILTERING
  • Comodo Secure DNS – 8.26.56.26 y 8.20.247.20 - Security
  • Quad9 - 9.9.9.9 (IBM) - Privacy and Security
  • Norton ConnectSafe – 199.85.126.10 y 199.85.127.10 - Security

The other  just alternative DNS services

Please, If I'm wrong, please have someone with more information correct what I mentioned above... :rolleyes:

Yup, you're correct.

 

OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection.

Quad9 uses a bunch of vendors' threat intelligence feeds to block malicious and phishing sites.

Comodo is vague, but claim they use RBLs. They aren't RFC-compliant with regard to DNS TTLs. No idea whether they redirect on NXDOMAIN (I don't trust Comodo as a company, so I haven't used this svc)

Norton uses their own threat intelligence feeds to block phishing, malicious sites, etc, but last I checked, they redirect instead of returning NXDOMAIN, and partner with ask.com for that monetization stuff (yuck).

  • Upvote 1
Link to comment
Share on other sites
GT500

GT500

Posted
Posted
6 hours ago, m0unds said:

OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection.

OpenDNS also has protection against DNS spoofing and such, although the others probably do as well.

Link to comment
Share on other sites
m0unds

m0unds

Posted
Posted
4 minutes ago, GT500 said:

OpenDNS also has protection against DNS spoofing and such, although the others probably do as well.

yea, DNS cache poisoning is increasingly rare because common DNS servers like bind, unbound, etc. do it by default

Link to comment
Share on other sites
GT500

GT500

Posted
Posted
On 3/1/2018 at 9:25 PM, Azure Phoenix said:

Heimdal - paid software but they also provide DNS filtering.

I assume you mean they monitor application DNS lookups similar to how Emsisoft Anti-Malware does, and block any DNS queries for known malicious websites?

Link to comment
Share on other sites
GT500

GT500

Posted
Posted

OK, so they do a basic form of local DNS filtering, and network traffic filtering. I am a bit curious as to whether or not their system would slow down DNS queries, however that probably depends on the computer and the speed of the Internet connection (higher latency connections would experience more of a slowdown).

One unfortunate thing about it is that they transmit data about every website you visit to their "cloud network" (which is fancy marketing terminology for their servers). We assume that being a computer security company they're smart enough to encrypt the data, and that they don't save any of it, however even a lot of computer security companies will save data like that just for statistical purposes (even if they don't log what IP address the data came from).

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

Products & Services

Ransomware/Malware Removal

Partners

Resources

Company

© 2003-2022 Emsisoft - 05/26/2022 - Legal Notice - Terms - Bug Bounty - System Status - Privacy Policy

×
×
  • Create New...