- What is DNS?
- Benefits of changing your DNS settings
- Choosing a Public DNS server
- DNS server
- Change your DNS settings
What is DNS?
Internet Service Providers (ISP) such as Spectrum, Cable America, and Xfinity offer their own Domain Name Servers (DNS) by default. Continue use of these default DNS servers results in decreased security, privacy, and speed. Now, what exactly is a Domain Name Server? A DNS is a computer server that takes the website address that you type in a browser such as “www.privatethrifty.com” and queries several databases to match the website with the IP address (e.g. 126.96.36.199) that allows the connection. Computers and networks connect using IP addresses much like a telephone number. Essentially the DNS is like the phone book of the internet. Now there are many DNS servers available to do this. ISPs offer their own, but there are public paid and free servers as well. Each offers a different set of benefits to compete with each other such as speed, privacy, and security.
The whole process requires back and forth communication between your computer, the DNS server, and the website. The DNS server is the man in the middle and can be vulnerable to malicious attacks. It is important to trust your DNS server because all of your traffic passes through it.
Benefits of changing your DNS settings
There are many benefits to be gained by changing your default DNS settings. The speed at which a website loads can be affected by how close the servers you connect to are in relation to your computer. By choosing a DNS server close by, you can improve load times. You can compare the speed of DNS servers at DNSPerf.
(DNS attacks by certain malware can change the DNS server settings so when you think you're going to your bank, you can actually be redirected to a hacker's server and your information can be stolen. Hackers will clone your bank website so that it looks exactly like it but they have control over the information that you input such as username and password. They can then go to the real website and steal your information and or money. Default DNS servers that your ISPs provide often do not use end-to-end encryption so that you are susceptible to man in the middle attacks. Hackers can access the information after it leaves your computer on its way to the DNS server. When the info is encrypted, hackers can still access it but will not be able to do anything with it as it will be all encrypted nonsense to them. You can protect yourself from these DSN attacks by using anti-virus software such as Malwarebytes. (get 4 years premium for only $5).
ISPs can also use their DNS servers to log your internet usage and keep this on file to later sell your data to third party companies. They can also control what sites and information you use by blocking or throttling traffic. Network neutrality was the principle that all ISPs treat all internet communication equally and not discriminate. This was a big fight in congress for a while but lost. ISPs have no obligation to treat all internet communication equally and can charge different rates based on user, content, sites, or other usages. They can block or limit speeds based on what sites you visit. Many bills have been attempted to be passed that would require net neutrality and California has successfully passed its own net neutrality act. However currently, we are at the whim of ISPs.
DNS servers are a way to fight back and regain control of our internet usage. There are many alternative public DNS servers you can connect to instead of the default DNS servers provided by your ISP. Many of these offer faster speeds, secure internet usage, unthrottled and unblocked content as well as no logging of traffic.
However, changing your DNS settings on your router or device may not have any effect depending on your ISP. ISPs sometimes use a new technology called Transparent DNS Proxy that will redirect your DNS lookups to their own servers secretly. The only way to prevent your ISPs that do this is by using a Virtual Private Network (VPN) service such as ExpressVPN, ProtonVPN, or PIA VPN.
Choosing a public DNS
You can check your current DNS server at www.whatsmydnsserver.com
Public DNS Servers
- Offering different servers based on location for faster speeds
- Not exactly public, ran by a group of volunteers who run an alternate DNS network
- Offers DNS neutrality
- Can choose how much data OpenNIC logs
- Some privacy issue concerns about log data possibly can be viewed by anyone who knows how to set up a Tier 2 server.
- Speed not always great
- Doesn't feature anti-phishing, improved security, or content filters
- Will not control your browsing in any way
- Do not log traffic
- Will not save your IP address
- All logged data is deleted in 24 hours.
- Third-party audits to ensure privacy
- Fastest DNS servers
- DNS query data is shared with APNIC Labs however, Cloudflare claims they will not share user IP addresses.
- Easy setup
- Free and public cloud-based service and a paid plan
- Highly popular
- Protects from malicious attackers
- Uses anycast routing to connect to nearest servers for faster load times
- 100% uptime
- Phishing sites are blocked
- Optional adult content filtering
- History of your internet activity for the past 12 months is logged and available to the user
- Easy setup
- Two free options and one paid option.
- Free, no paid packages
- Offers DNS neutrality
- Doesn't log any DNS queries or record your history
- Doesn’t offer any protection against phishing, malware, or DNS attacks
- Protects against malicious and suspicious domains
- Speed almost as good as Cloudflare's
- Do keep some logs on users
- Run by google
- Not good with privacy
- Two sets of logs of user information stored
- Temporary logs keep data on user IP address and are deleted after 24 to 48 hours
- Permanent logs store random sample data and no IP information or personally identifiable information.
- Not the most private but better than the ISPs that probably log everything forever.
Choosing a DNS server depends on your personal needs. Are you looking for speed, security, or privacy? For speed, I suggest Cloudflare. For security, I suggest Quad9. For privacy, I suggest DNSWatch.
DNS Server IP Addresses
|Google Public DNS||188.8.131.52|
Change your DNS settings
Changing your DNS server can be done on each individual device or you can change your home router settings so that any device connected to your router will use the new DNS server. However, if your cell phone disconnects from the wifi and uses its own network, it will default to the cell phone's DNS settings.
How to change DNS setting