How To Change Your DNS Servers & Improve Internet Security

change dns server intro   How To Change Your DNS Servers & Improve Internet SecurityImagine this – you wake up one beautiful morning, pour yourself a cup of coffee, and then sit down at your computer to get started with your work for the day. Before you actually get stuff done, you go over to your favorite browser and type in http://www.makeuseof.com. Within seconds, you’re looking at our website and all of our latest posts.

But hold on, how the heck did your computer even know where to find MakeUseOf? How does it even know what http://www.makeuseof.com even means? It finds out by using a core technology which exists throughout the Internet called DNS, or Domain Name System.

Tell Me More About DNS!

DNS is a backbone component of the Internet which helps in name resolution. In layman’s terms, DNS helps turn a web address, also known as a URL, like http://www.makeuseof.com into an actual location, called an IP address. IP addresses are in the form xxx.xxx.xxx.xxx, where all the x’s are a bunch of different numbers. Your computer knows how to reach those IP addresses, but it doesn’t directly know what to make out of URLs, which were created to make it easier to remember websites. DNS servers are there to help with this so that we can browse without having to think about what’s actually happening.

The thing is, there isn’t a single, central DNS server which everyone has to access in order to resolve a URL. There are many, many different DNS servers in the world, which can be found at places such as your ISP or third-party services such as OpenDNS. In fact, you’re most likely using your ISP’s DNS servers right now if you haven’t changed any of your computer’s or router’s settings. Although you’d like to trust your ISP, their servers are most likely simple. Simple in that they literally only resolve URLs, and nothing more. They usually don’t focus on increasing security, because these servers can be at risk of cyber attacks as well.

Possible Results Of An Attack

hackers bad   How To Change Your DNS Servers & Improve Internet Security

When a DNS server is attacked, there’s a few different things that could happen. First, the server could just simply crash or otherwise go offline, so you won’t be able to browse around as you would normally do until your ISP fixes the issue. Second, the attacker could change DNS records on the server, and point certain URLs to false lookalike pages. This is an especially dangerous attack because phishing attacks are usually recognizable by a weird URL, but with a tainted DNS server, the URL will appear exactly what it should be, but you’d still be on the false page.

What Can I Do?

Therefore, the best safety practice is to switch to a more secure DNS server which is better supported. There’s a good number of DNS services you can choose from, but there are two I highly recommend. If you want a no-gimmick DNS experience that you can trust, you should try Google’s Public DNS servers. These are run by the search giant itself and are highly maintained, so you won’t have to worry about any issues or attacks. For a more feature-rich DNS experience, I’d recommend OpenDNS, which has special options to prevent certain types of attacks and even includes a customizable web filter.

How Do I Switch?

change dns server linux   How To Change Your DNS Servers & Improve Internet Security

Once you’ve settled on the DNS server you’d like to switch to, you’ll need to change your system’s settings in order to use them. The methods of changing these settings vary greatly depending on the operating system.

  • Windows users will need to go into their network device’s properties, then go into the IPv4 properties, and then change the DNS servers in the bottom section of the window.
  • Mac OS X users will need to go into their System Preferences, click on “Network“, choose their network device, click on “Advanced”, and then enter DNS servers after clicking on the DNS tab.
  • Linux users will need to click on their network applet, choose Edit Connections, click on “Edit” for your network device, and under the “IPv4 Settings” tab, choose the “Automatic (DHCP) addresses only” profile, and then add the DNS servers into the DNS servers textbox, with each server address separated by a comma.
  • Even Android users can change their DNS server, but it only goes into effect while you’re using WiFi. Therefore, you can find the appropriate settings when you hit the Menu button and choose “Advanced” while you’re in the WiFi setup screen. For quick reference, Google’s DNS servers are at the addresses 8.8.8.8 and 8.8.4.4, while OpenDNS’s servers are at 208.67.222.222 and 208.67.220.220.

Conclusion

Issues that can exist with DNS servers are a bigger issue than a lot of people think, because rarely anyone ever talks about them and mentions switching to different ones. Plus it’s a “confusing” backbone component of the Internet, which makes people even more reluctant to talk about it. Consider switching as a precaution so you know you’ll be safe.

Which DNS server(s) are you using? What made you choose it over other options? Let us know in the comments!

Image Credits: Xeni Jardin, Katy Levinson

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

42 Comments -

Wayne

Also check out OpenDNS’s beta product/service, DNSCrypt (http://www.opendns.com/technology/dnscrypt/). From their site: “It works by encrypting all DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks.”

Danny Stieben

It’s definitely a cool technology! I just had issues with finding an up-to-date client for Linux. Hopefully they can build on that product!

Tug Ricks

As a relatively ignorant person… Does changing DNS settings from what’s provided by your ISP to one of these impact internet speeds? I’m all for security, but I’d be less thrilled if it caused a major decrease in performance.

Mike Merritt

Both opendns and google’s dns are supposedly “faster” than other DNS servers – which is a reason that some people switch. However, we should note that usually the DNS server that your ISP provides is definitely a shorter path (transit time) to you than to, say, Google’s servers – which may be faster computing but are farther way.
For techs that like to tweak – http://www.grc.com/dns/benchmark.htm – allows you to test for the fastest DNS server for yourself (your specific location).

Arron Walker

On the whole, no. The only thing it will change is ping time, unless your ISP is terrible, any difference should be negligible.

Tug Ricks

Thanks. So far I haven’t noticed any difference whatsoever.

Danny Stieben

All of these answers you’ve gotten are worth checking out. :) While from a physical standpoint the obvious answer would be no, large third-party providers often specialize in both security and speed, so from that standpoint the answer is yes.

It’s worth a try no matter what. If it is faster, great! If not, well you’re still more secure. If it’s slower, you can always switch back.

Mohammed Taha

Nice Article ..
But I think you should mention that changing your DNS server may affect your speed a little bit.
In my case my ISP DNS server is much faster than Google DNS.

thanks :)

Bj Reilly

Good stuff

Arron Walker

I’ve been using Google’s DNS for about a year now – before that I used Comodo’s for a while, when I used their anti-virus.

Danny Stieben

I like Google’s, but I tend to go for OpenDNS whenever I actually remember to change my DNS settings. I suppose my choice in OpenDNS over Google lies in that OpenDNS is a pure DNS company, while Google is spread all over and their Public DNS servers are technically still in beta (or at least they were).

Rigoberto Garcia

Great article Danny. Thanks…

Zenphic

I’ve been using OpenDNS for quite a few years now. I made the switch because my ISP’s DNS server was problematic in terms of ping. What I don’t like about OpenDNS is how it redirects URLs to OpenDNS’ own search page if there’s an error.

Danny Stieben

I assume you’re not using Chrome…I know it can be changed in Firefox so that Google or some other search engine pops up instead.

jasray

from PC World:

“You have to remember they are also the largest advertising and redirection company on the Internet,” he says. “To think that Google’s DNS service is for the benefit of the Internet would be naive. They know there is value in controlling more of your Internet experience, and I would expect them to explore that fully.”

Using OpenDNS, especially now that they are stabbing at spam, is much faster than your local DNS. Using Google? The privacy reputation for Google is somewhat questionable.

OpenDNS also offers DNScrypt which encrypts all traffic going to their DNS server. And the filter options are great. Now, it’s like having a second firewall.

Danny Stieben

I agree. That’s why personally I go for OpenDNS, although I’ll gladly recommend Google’s offering to Google fanboys.

elhaj

for Linux Mint users a tutorial with some extras
http://community.linuxmint.com/tutorial/view/996

Ashwin Ramesh

Good article! Thanks for sharing!

Danny Stieben

Glad you enjoyed it!

Daniel Escasa

Why stop at the PC level? Modify the DNS settings on your router, and you don’t have to bother with the devices you use to connect to the Internet. That way, visitors would have access to either Google’s or OpenDNS’s name servers. I might change DNS settings only on my laptop, for the times I’m away from my home network.

And as an aside, real Linux users wouldn’t just change DNS settings, they’d run their own caching name server >ducks<.

Tug Ricks

I looked and it doesn’t seem possible to change the DNS settings on my cable modem/wireless router. (Motorola Surfboard SBG6580) Is it still worth it to change the settings on my laptop(s)?

Daniel Escasa

Sure. I just thought that it would be more convenient if your modem or router used Google’s or OpenDNS’s servers. If your modem or router doesn’t allow for changing the DNS settings, then you’ll just have to change the settings for each device in your network.

Danny Stieben

That’s true, it would be easier/more far-reaching. And I believe modems can’t be changed usually, only routers. *shrug*

Daniel Escasa

I’m not too sure about that. I haven’t looked at my modem settings in a while (lost my password, arghhh!) but I seem to remember that I could change the DNS settings.

GayashanNA

I have been using OpenDNS for a while now and it seems pretty good.

Ab_VoHeRa

Hey…really helpful article…i was not aware that by hacking dns server such all things can happen…:)
cool
:)

Muhammad Ahmad

Using my own ISP DNS Server. Google NameBench DNS Benchmark results shown my current DNS Server the fastest DNS Server. I am using BullGuard Internet security and my own mind for safer browsing.

Kevin

Thank you so much for the great article! I setup an account with OpenDNS and changed settings from Google. I will do some checking from the great links and posts here but It feels like a 20% or more increase in speed and page loading. Again, thanks for the great article and the very helpful posts.

Danny Stieben

I’m glad you’re noticing a difference! :)

Kaashif Haja

I use Norton DNS
198.153.192.40
198.153.194.40

Is it alright or should i change to Google DNS?

Danny Stieben

If you trust Norton’s DNS servers, then it’s fine. I personally don’t like Norton, but others swear by it.

Derrell

I now use AT&T’s name server. I want to switch to a different DNS but am wondering about the DNS records that are now maintained by AT&T versus where I want to go (A record, MX records, etc.). If I set up new records with another DNS provider, do I then delete the DNS records at AT&T. Just wondering how that works.
Thanks

Edgar Meixueiro

I’ve used opendns familyshield before. That makes your internet connection more secure.

Srinivas N

Thats really gr8 article Danny..Loved it and now i have switched to Google DNS and enjoying better internet speed :)

Srinivas N

So if that is the case why some people are denied access to internet on internet blackout that occured on july 9th because of ISP’s DNS servers are infected???They should have switched to this DNS servers (google and Open DNS)..would that have helped them???

Benjamin Glass

Thanks for the tip–I didn’t know you could change DNS servers, although I did know what they were.

mrm528581

Thanks for the article enjoyed reading.

Vivek

Will changing dns result in decrease in download speed ?

Mike W

I am trying to get Netflix US in Canada and have found a couple of DNS servers that will trick Netflix into thinking I am in the US. I am worried though that these servers may spoof sites and gather information, is that something legit to worry about? Or can I use Google DNS or OpenDNS to make me seem like I am in America?

Patrick

Hi Danny,

Thanks for a great article.

I’ve been using apple TV (Netfli & Hulu) outside of the US for about a year now, by changing a couple of settings and it works perfectly. Over the past couple of months I have assisted a couple of people with this, and since my speed has reduced dramatically. Is this because more people are starting to use the same dns numbers as me, or does this not effect it?