Is your internet connection still using your ISP provided DNS servers? You could be leaving some easy performance, privacy and useful tools on the table.
If you are using your ISPs DNS servers, they have full access to every site you go to on the net. This shouldn’t be an issue, except for the fact that many ISPs monetize this by selling that information, which seems a bit rude considering you are already paying them for your service.
Think of DNS as the phone book your internet connected devices use to connect to web sites and resources. Some of these phone books list absolutely everything, and some filter out things that are known to be dangerous. Your idea of ‘dangerous’ may differ, but some of the things that can be selected for filtration are;
- Sites known to host malware
- Known phishing sites
- Adult content
- Sites you don’t want available in your workplace
Depending on your requirements there are a few main providers worth consideration. If you want family friendly then it’s hard to go past OpenDNS and their Family Shield and Home products. The former is pre-configured to block adult content, and the Home has customisation options to fine tune what you would like to block.
Quad9 uses threat intelligence from more than a dozen of the industry’s leading cyber security companies to give a real-time perspective on what websites are safe and what sites are known to include malware or other threats. If the system detects that the site you want to reach is known to be infected, you’ll automatically be blocked from entry; keeping your data and computer safe.
Cloudflare offers its 126.96.36.199 service, which is similar to Quad9 but uses fewer outside sources of cyber intelligence and has a greater commitment to user privacy. As to the sources of intel, never underestimate just what Cloudflare themselves can bring to the table! Their presence in this field is enormous. 188.8.131.52 is also somewhat unique in that they also offer an app for mobile devices, which is extremely useful since unless you are using a VPN, then when your mobile devices are not on your home network, changing their DNS servers can be somewhat problematic.
Adguard, as the name implies, are more focused on blocking advertisements and trackers. They also offer a Family Protection service much like OpenDNS. They also state that they do not keep any logs of your DNS queries, so your privacy is respected. There are apps for android and iOS, but the iOS one is paid, and the android one is not available in the play store due to Google policy.
These are just a few of my preferred DNS providers and they all have instructions for setting them up. I would personally be setting my chosen service up in my router settings to cover all my devices at home, and ensuring they are also set up on any devices which will be on other networks such as laptops and mobile devices. You don’t need to stick to any one service here, since they are all free (some with paid options) and you might want to put some thought into which devices need which features.
The other option is that which I use myself, and that is a Pihole. This can be set up on a Raspberry Pi in your home, or even on a cloud based virtual private server in conjunction with a VPN so that it is filtering based on the rules that you set for any device, anywhere. Just ask about what we can do for you here. I’m happy to suggest resources for those who are happy to set this up for themselves, or can do it for you.