Last week’s article covered the theory and background of using DNS as an additional security layer, although I didn’t quite get into explaining how it all works, how to do it, and so forth. That’s what this article is for. If you have not read that article, I suggest you do so before you read this one, or else you might find yourself a little lost.

Alright so, how it works. Using a specialized DNS server such as OpenDNS allows for several preemptive security measures to be implemented that benefit your computer(s). Namely, it allows for:

1) Web content filtering: Great, right? especially if you know what that means. Basically, it’s the ability to control what types of websites can be displayed on your computer(s). Good if you’re a parent at home, or have a small office and want to make sure there is no inappropriate content being loaded in your computers at work. Also that by itself provides extra security. I’ll explain: By having he ability to filter out, let’s say, adult-themed, gambling, P2P sites (peer to peer, websites that allow users to share files and programs, used a lot for illegal file sharing such as music and licensed software), you are closing the door to some of the most heavily loaded types of websites when it comes to virus infections. One useful category you can filter out is “advertisements”, which will make some annoying ads in websites not show. But you get the idea. It gives you control over what types of content your computer(s) can access on the Internet.

2) Also, it includes anti-phishing capabilities (phishing: A common method used by cyber-criminals to steal your information by luring you into accessing what pretends to be a legit website, such as your online bank for example, and asking for your credentials with the purpose of stealing them), which makes it harder to fall prey to these type of scams.

3) DNS security protects the most vulnerable level of your computer(s) against the latest Internet threats, including viruses and other types of malware.

There are other advantages, which I will mention as we go along, but enough theory. Now, let’s get into action.

Note: Although I’ve tried to keep it at a very basic level, this requires at least an intermediate level user. Novice computer users might find it hard to get this done, and additionally might break something  in the process. So consider yourself warned, if you’re not an intermediate user or above.

Ok so the first thing is go to https://store.opendns.com/get/basic and register a free account with OpenDNS.com. Once you’ve done that, the next step is to adjust (change) the DNS server from what you’re currently using to OpenDNS. If you’re doing this for home and you have only one computer, you can just change your computer settings and be done with it. If you’re doing it for home and you have several computers sharing the same internet connection through a router or a gateway, it’s advisable to change the settings at that level. If you have a small company with a setup that resembles a home network, the same applies. For middle or big companies there might be a different approach. But in that case you probably have already somebody in charge of your computer needs (or maybe that somebody is you, reading this article). I won’t go into what to do in that case, since  my usual readers ranges from the individual home user to a small office user/administrator with a home-network-like setup.

Fortunately, once you have registered an account with OpenDNS.com and decided which device you’re going to use to set the DNS server, you can click on that device in the page you’ll find after signing in, and there are step-by-step instructions on what to do depending on at which level you’re setting the DNS server setting. I say fortunately because that saves me the work of writing such detailed instructions 🙂

So if you have gotten this far with success, congratulations. You have made your computer(s) more secure. There is only two more things I’d like to add before I make this article too long. The first is, you can now go to your OpenDNS account dashboard and set content filtering, good for parents at home, and bosses at work, as mentioned before. Go to https://www.opendns.com/dashboard/settings/ and choose your network (add it first if this is the first time you’re using the dashboard) and then you can set it to one of the preset levels, or customize it to block certain specific categories of your choice.

The second thing I wanted to mention is there is a chance you’re done all the right steps and there seems to be no result in terms of your computer(s) now using OpenDNS (click here to find out if you have successfully set up OpenDNS in your computer). There are 2 or 3 possible reasons this might occur but I’d rather not get into that here as it would go over the general level I try to keep for my articles, so feel free to contact me if you have any questions or problems with this you cannot sort out by yourself. Also, if you’re a parent trying to set content filtering at home for your kids, beware that unless you’re a rocket scientist your kids probably know more about computers than you do, which means they might know how to circumvent your content filtering attempt. Thankfully, you have me on your side and can ask me if something is not working the way it should or if you want to make sure your security measures are not being circumvented by your kids. I swear kids these days seem to be born with a netbook in their hands or something, they easily outperform their folks when it comes to computer related stuff.

So there you have it, one last layer of protection to keep your computer from getting infected or your private data stolen. Remember, this is just one layer which means there are others, and only through an intelligent implementation of all the layers covered here, here and in this article can you have a comprehensive level of security that makes you unlikely to become the victim of a successful computer attack.

What better way to start the new year than learning about and implementing an additional layer of security in your computer(s)? This one I’ve used for some time but never got around to write about it.

I’m going to backtrack to some basic technical stuff that although I might have covered before, wanted to include here in the name of this article’s self-sufficiency. First, a term, domain name. For practical purposes and in the context being used here, a domain name could be said to be a label that identifies a website. Thus, remotehelpexpert.com is a domain name. So is yahoo.com, google.com, and so on. You get the idea.

Ok, so, Domain Name System (sometimes Server, or Service) or DNS, refers to the translation of a website’s name into its numeric address. Every domain has a name (in letters) and an address (in numbers). If you enter “remotehelpexpert.com” in your web browser’s address bar and press enter, the computer needs to find out what is that domain name’s numerical address to be able to find and display that website for you.

Of course due to various factors, two or more domains might share the same numerical address. Conversely, one domain might have more than one numerical address. This all might seem complicated but it’s actually pretty simple. The important thing is that what the computer uses to translate the name of a domain into its numerical address is called DNS. When the computer is able to use DNS to find a domain’s numerical address, it is said to have resolved it. Thus, DNS resolution. The computer that is asked the question  “what is the address of this domain name?” and answers it is called a DNS Server and it’s out there in the Internet. Its counterpart, most of the time your computer, is the DNS client.

Ok, you might say, let’s pretend for a moment everything that has been said so far is true. What does it all have to do with increasing security for computers? Patience, young grasshopper, we’re almost there. More often than not, your ISP (Internet Service Provider, the company you pay to have internet access) will have its own DNS servers, and typically your computer(s), or the device that connects your computers to the internet will have been set up to use those particular servers to perform the aforementioned function. But that can be changed. Why would one want to change it? Well, some DNS servers offer a number of additional services that the role of DNS server is uniquely fit to perform. Thus, we finally arrive to the starting point of this article.

But unfortunately, just as we’re about to really get started, we have run out of time. Figured I’d better break down this subject into two articles, so I can cover in detail the background theory and then what to do and how to do it and the advantages to be gained from all that. So stay tuned for next week’s article – the second and final part of this subject!