Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Third party DNS servers. Advantages and disadvantages?


  • Please log in to reply
15 replies to this topic

#1 jonuk76

jonuk76

  • Members
  • 2,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:10:38 PM

Posted 12 March 2014 - 09:48 AM

I've noticed that there are quite a few third party DNS services that you can use instead of the default servers assigned by your ISP.

 

Some examples are Google DNS, Open DNS or Comodo Secure DNS.  A few others mentioned here.

 

Some of the claims include:

 

Faster

Better security (some claim to filter malicious domains that host malware)

More reliable

 

I've tried Comodo DNS which I configured my modem router to use, but I've reverted back as oddly, it broke some of my local network features (network service discovery).  Apart from that, the only other difference I noticed was that dead links for domains that no longer exist went to a Comodo page.  I can't say I noticed it being either any faster or slower than the one provided by my ISP.  Blocking of malicious domains would be a nice feature though (if it works as intended).

 

What I'm asking then is what is the experts view on using services like this?  Do they offer advantages for most people or are you better off sticking with the default ISP provided DNS.

 

Thanks


7sbvuf-6.png


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:38 PM

Posted 12 March 2014 - 10:03 AM

No expert....but after some hiccups in my ISP's DNS server I switched to OpenDNS a few years ago. No more hiccups and does

occassionally but rarely lets me know the site I attempted to go to is acting suspiciously or some other reason it is best to avoid.

 

I was reading an article this morning that you might be interested in. Just scroll down to the comments on DNS servers.

DNS servers dodge region-blocking  Bypassing content filters: How to see the web they don't want you to see | PCWorld
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 jonuk76

jonuk76
  • Topic Starter

  • Members
  • 2,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:10:38 PM

Posted 12 March 2014 - 10:41 AM

Yes interesting reading, thanks Buddy.

 

As for the problem I was having,  if I just change the DNS to Comodo's in Windows TCP/IP settings rather than the router itself, I suspect it will fix the problem, while still getting the benefits of domain blocking on the Windows PC.


Edited by jonuk76, 12 March 2014 - 10:42 AM.

7sbvuf-6.png


#4 bludshot

bludshot

  • Members
  • 657 posts
  • OFFLINE
  •  
  • Local time:04:38 PM

Posted 12 March 2014 - 11:00 AM

I think if your ISP's DNS servers are working fine for you, and you aren't trying to do some region block dodging, then just keep using them.

 

Using a 3rd party DNS server means one more entity knows all the websites you visit. If you aren't that overboard about privacy then that doesn't matter though.



#5 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:38 PM

Posted 12 March 2014 - 11:21 AM

I only changed the DNS settings in Windows and Ubuntu. I did recently get into the router settings and activate the firewall, set a password and

blocked something to do with remote access. Did that after seeing all the recent chatter about routers being attacked. Seems the default

for the firewall was to be turned off.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 12 March 2014 - 11:40 AM

Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider.

Google Public DNS

OpenDNS uses IP addresses to know that a DNS request is coming from you. With a free OpenDNS account, you establish and verify an IP address or range of IP addresses as under your management as a network. A network may be a single IP address on up to many thousands of addresses. OpenDNS delivers custom DNS preferences and statistics based on the network association, which you establish and verify with a free OpenDNS account in the Dashboard.

Dynamic IP: General Information for OpenDNS usage

To use OpenDNS, you choose to use their DNS servers instead of those assigned by your ISP so there is no software involved.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Kilroy

Kilroy

  • BC Advisor
  • 3,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:04:38 PM

Posted 14 March 2014 - 02:51 PM

You can try Steve Gibson's DNS Benchmark to let you know which DNS gives you the best service.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 14 March 2014 - 04:45 PM

I sometimes have to wonder about the research provided by Steve Gibson. I read that he still runs XP SP2 and claims that 100% of Internet Explorer's security issues would be blocked if the person was a non admin.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 jonuk76

jonuk76
  • Topic Starter

  • Members
  • 2,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:10:38 PM

Posted 15 March 2014 - 05:11 AM

You can try Steve Gibson's DNS Benchmark to let you know which DNS gives you the best service.


Thanks RKilroy. Even if some of his other advice is questionable, that seems like a useful little program. According to that program the best performance for me is provided by my ISP's servers.

7sbvuf-6.png


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 15 March 2014 - 07:18 AM

I forgot to include this yesterday...namebench DNS Benchmark Utility is another alternative you can use to compare with GRC's Domain Name Speed Benchmark.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 jonuk76

jonuk76
  • Topic Starter

  • Members
  • 2,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:10:38 PM

Posted 15 March 2014 - 10:14 AM

Thanks quietman7.  Your link leads to Malwarebytes downloads page though.  Is this perhaps the one intended? - https://code.google.com/p/namebench/downloads/list


7sbvuf-6.png


#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 15 March 2014 - 02:00 PM

I fixed the link...it should have and now goes to the main page which explains it. Your link goes to the download page. Either works.

The Wiki tab has info for Using NameBench and FAQs.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 Kilroy

Kilroy

  • BC Advisor
  • 3,372 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:04:38 PM

Posted 18 March 2014 - 01:04 PM

The 100% of Internet Explorer (IE) issues being prevented if not running with Admin rights was from an independent report, by Avecto.  Most of Steve Gibon's actions need to be viewed with how he uses his equipment.  He doesn't use IE, he uses Firefox with No Script.  He doesn't use Flash and Java.  His web browsing is from the point of view of someone with a security background who doesn't click on every link.  His XP machine is behind a router and has the Windows Firewall active.  Is what Steve Gibon does a recommendation for the general user population, heck no.


Edited by RKilroy, 18 March 2014 - 01:05 PM.


#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 18 March 2014 - 02:51 PM

Let me clarify....It's because Steve is seen as someone with a strong security background that some of his public statements may be taken incorrectly on face value by those who lack such knowledge. That has been a topic of concern with many Microsoft MVPs.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:04:38 PM

Posted 24 March 2014 - 02:32 AM

I personally use Norton ConnectSafe DNS which is very helpful in blocking harmful sites at the DNS level. They have three types of DNS servers A, B and C. I use the C for maximum protection.

I also use the public dns server tool to select any of these public dns servers in windows easily.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users