The Internet has to be one of the biggest and fastest growing phenomenon ever witnessed. Yet the bigger it grows, the more dangerous it also seems to get. From fraud/phishing websites trying to steal your financial information to malicious websites installing malware on your computer without your knowledge, its all there. I’ve always told users that you can’t simply just connect a wire to get on the Internet and do your business anymore. It has now become mandatory that everyone learn a little bit about the dangers lurking behind the giant cloud called the Internet because you have much more to lose than back then when the Internet was still in it’s infancy. In this article, I will explain one of the services that drives the Internet and how you can use an alternative to the one provided by your Internet service provider. You can then filter out the bad websites and have a better degree of protection.
The Domain Name System (DNS) can be thought of as the backbone of the Internet. Without it, the Internet could melt down and users will not be able to visit their favorite web pages any more. When you type in an address in your browser of choice, what do you think happens? The web page doesn’t just magically appear on your screen as some of you may be thinking! There must be some sort of system or service in place that knows how to retrieve the web page from the web servers and display it on your screen. Well, that service is the DNS service. In the background, as soon as you hit Enter or Go in your web browser, DNS quickly goes to work and performs a series of queries to retrieve the IP address of the web server that host the web page of interest and then finally display it on your screen. Because humans can’t remember long strings of numbers, particularly IP addresses like 184.108.40.206, DNS does the job of translating www.Google.com into 220.127.116.11.
Your Internet service provider (ISP,) whether it be from Oceanice Time Warner, Comcast, Verizon or a host of others, usually provide you with their DNS servers hosted at their headquarters. They do the same job of fetching the IP addresses of your web browser queries and return the resulting web page to your computer. As you can see, if for some reason your ISP’s DNS servers are down, then you and most likely all of their other customers who use the same DNS servers will not have a connection to the Internet because now there isn’t a way to translate www.yahoo.com into their respective IP address. This is just a brief introduction to DNS as it certainly gets much more deeper and complicated than that. If you want to learn more about DNS, you’ll want to visit Microsoft’s Technet webpage on “How DNS Works”.
Okay, so with the basic understanding of how the DNS system works, I want to introduce you to a free service called OpenDNS. At it’s core, you can think of this as another DNS server that will fetch the IP addresses of web pages you requested in your browser. Don’t be fooled though as it gives you a lot more control than what you are using right now with your ISP’s provided DNS servers. One of the best features of using OpenDNS is having the ability to filter web sites based on categories! If you are a parent with kids that regularly browse the Internet, then you will want to use OpenDNS if just for this purpose alone. You can now filter out pornography sites, gambling sites, social networking sites which have suddenly taken the world by storm, gaming sites and much much more! Don’t want your kids spending all of their time playing video games from gaming websites at home? Well now you can by blocking them with OpenDNS!
Besides filtering out websites, there is also the security enhancements that come with using OpenDNS. For example, because OpenDNS is a company dedicated to providing DNS and only DNS services, they have more time and resources dedicated to securing it and providing the best experience to the users as possible. With OpenDNS, they mark fraudulent and phishing websites so that you won’t be able to visit them. Phishing websites are bogus websites pretending to be something or someone they are not (usually a bank) in hopes to lure you into divulging your personal financial information. Phishing attacks have grown tremendously as more and more people are connected to the Internet everyday. Remember, the bad guys don’t need to catch everyone with their scams. All they need is a couple of curious users everyday and they will have won.
Alright, so let’s get into how you actually use OpenDNS.OpenDNS is browser independent. It doesn’t matter if you use Internet Explorer, Firefox, Safari, Chrome or Opera.
#Configuring your DNS server address
To break free of your ISP’s grip on DNS server use and to start using OpenDNS, you need to configure your computer/router to use OpenDNS’s DNS servers. Their website gives you detailed information on how to configure it but I will show it as well. I am assuming that your network consist of a single router and that you are using DHCP. All you need to do is open up your router’s configuration page via a web browser and manually/statically input OpenDNS’s DNS addresses in the DNS field. You then save the configuration and the next time you turn on your computer, the router should give you an IP address along with the new DNS addresses. I am using a Linksys router. OpenDNS webpage will show you how you can access your router’s configuration page so visit their help page.
Once you save the changes, the next time your router gives you a IP address, you will also have the updated DNS information and will begin actually using OpenDNS. If you don’t have a router, then you will need to configure your network adapter’s TCP/IP setting to make the changes. Head into your network connections page and go into the Properties of your network adapter. Click on Internet Protocol Version 4 and click on the Properties button. Leave the IP address portion alone but in the DNS section below, you’ll want to manually input the IP address. Type in the IP addresses to OpenDNS’s DNS servers and hit OK.
# Checking your configuration
Now you’ll want to manually check to make sure that your adapter is indeed using OpenDNS. Open a command prompt and type in ‘ipconfig /all’. Look at the DNS portion to verify that your DNS is appropriately configured.
# Creating an OpenDNS account (optional)
If you don’t need to filter/block any websites or track any stats, then that’s it! You are now using a much safer and more reliable DNS service compared to what you were using with your ISP’s DNS servers. However, if you wish to squeeze much more out of OpenDNS, then you will need to create a free account. Follow the website’s instruction.
# Configuring your network settings
The first task is to configure and label your home network. OpenDNS should detect your public IP address so accept it. You can then label your network to whatever you are comfortable with. At this point, you can choose to download their OpenDNS Updater software or not. This is a small utility that will automatically update your OpenDNS account/network whenever your public IP address changes. This usually happen either when your IP address lease is up and your ISP gives you a new one or when you power off your cable modem and turn it back on. If you don’t update your public IP address in your OpenDNS account, then the settings will break. So, instead of having to always log in and configuring the change, their software will do it for you automatically. Handy indeed!
# Blocking domains and websites
If you look on the bottom, you can manually configure a web domain to be always blocked or always allowed. This is useful if for some reason a specific file storage website is not blocked even though you have the ‘file storage’ filtering option turned on. You can then set that website to be blocked here. The other can be said to allow a website. Sometimes there are false positives and a website that you want to visit has be labeled bad by the filtering engine. You can then manually have that website to be always accessible here. As you can see in my example, I have setup the web domain of myspace.com to be always blocked.
It will take about a minute or two before the changes are reflected to your account so be patient. Afterwards, whenever you or a family member try to visit a website that is blocked by OpenDNS’s filtering, you will see a friendly webpage telling you so. You can even customize and tailor the message to your specifications.
# Other options
There are a host of other options available to you that you can configure. For example you can configure stat logging, domain typo correction, network shortcuts (pretty pointless in my opinion as you can just use bookmarks instead) and botnet protection. Heck, OpenDNS can even tell if your computers have been infected with the Conficker worm!
As you have witness, substituting your ISP’s DNS servers with OpenDNS offers you much more benefit and control on how the Internet works in your household. Although website filtering and blocking is not a new feature, many users ignore this because they just can’t seem to find an easy way to configure it! With OpenDNS, it couldn’t be easier. You have the added benefit of faster web browsing, a reliable service and security all rolled into one package. However I do want to point out that it seems to me that a lot of parents now days are relying on technology to discipline their kids. Although I am no parent myself, it seems as if parents just forgot about good old methods of actually talking with their kids instead. You would be wise to teach your kids about what they should and shouldn’t be doing on the Internet. Instead of blocking their access with filtering techniques and such, teach them well and trust them so that you never have to in the future.