Menu
homeWindows 7

What is a DNS server, how to find out your preferred provider address, replace it with Google Public DNS or alternative options. Enabling and configuring the DNS server

In my childhood, to prevent their children from falling into “bad company,” many parents left their children to sit at home. It was more reliable this way: on TV there were only “correct” films, and in the newspapers there was nothing superfluous. Now times have changed, most children cannot be kicked out into the street, everyone sits at home in front of their computers. But the current gatherings do not at all guarantee that children will not fall under the influence of “bad company.” After all, at home there is the Internet, which contains a lot of things that I, in particular, want to protect my children from.

How to protect children from unnecessary information

There are many options, for example, you can stand behind your back and see who is visiting which sites :-). But no matter how funny it may look, this method is completely impossible to implement when you are not at home. And I know of cases where mothers took computer power cords with them to work, in the hope that the child would not be able to use them. And in this regard, one question arises: why buy a computer for home if you don’t let your child use it? After all, it’s enough to configure it correctly and you won’t have anything to worry about.

Parental control

One option for filtering Internet content is to use the “parental control” functions that are built into many antivirus tools, for example, Kaspersky Internet Security for all devices. Or, you can purchase separate specialized software that will limit visits to resources harmful to children.

Secure DNS servers

However, the simplest, free and effective solution would be to use special DNS servers, which simply will not allow your computer to connect to an unnecessary site. By default, your computer automatically receives your ISP's DNS servers or public DNS servers, which do not perform any filtering. Which, in principle, is correct, because they do their job - they provide information about the correspondence between the domain name and the real server address.
But since the DNS server is not only hardware, but also software, it is easy to reconfigure it so that the server does not issue IP addresses for “harmful” sites to your computer, as if these sites do not exist.
This task is sometimes impossible for the average user, and the problem of filtering the Internet in order to protect children from unnecessary information is growing every day. Therefore, several companies have opened free public access to their DNS servers that use child filters.

Secure DNS Yandex

Yandex.DNS is a Yandex company service for protecting your home network. This is a free DNS service that works in three modes:

  • Basic mode. When using this address, no resources are blocked (no filtering mode).
  • Safe mode. When using this address, websites that may be potentially dangerous for the User are blocked, for example, those infected with malicious code or distributing malicious files, as well as websites that have signs of fraudulent (presumably created to extort money, steal passwords and other personal data, etc.) .P).
  • Family mode. “Safe Mode” functionality + websites with pornographic and/or erotic content are blocked (including links to other resources of similar content or topics).

Yandex.DNS IP addresses

Mode Primary IPv4 DNS Secondary IPv4 DNS
Base 77.88.8.8 77.88.8.1
Safe 77.88.8.88 77.88.8.2
Family 77.88.8.7 77.88.8.3

Secure DNS Norton

Norton DNS is an Internet service from Symantec Corporation that provides public DNS servers for public use:

  • With blocking of malicious sites (Security (malware, phishing sites and scam sites))
  • With blocking of malicious sites and sites for adults (Security + Pornography)
  • With blocking of malicious sites, sites for adults and sites that distribute files (Security + Pornography + Non-Family Friendly)

    Norton DNS IP addresses

Mode Primary IPv4 DNS Secondary IPv4 DNS
Security 199.85.126.10 199.85.127.10
Security + Pornography 199.85.126.20 199.85.127.20
Security + Pornography + Non-Family Friendly 199.85.126.30 199.85.127.30

Secure DNS Comodo

Comodo Secure DNS is a service from Comodo, within which the Comodo Group provides DNS servers free of charge. This DNS solution is an alternative to DNS servers offered by your ISP. The idea is that all DNS requests will go through Comodo servers, where malicious sites will be filtered.
As a leading provider of computer security solutions, Comodo is acutely aware of the potential dangers on the Internet. SecureDNS checks in real time a blacklist of harmful sites (phishing sites, malicious sites, spy sites, and sites that contain excessive amounts of advertising, including pop-up messages, etc.), and will warn you when you try to access the site with potentially dangerous content.

IP addresses Comodo SecureDNS

Mode Primary IPv4 DNS Secondary IPv4 DNS
SecureDNS 8.26.56.26 8.20.247.20

Secure SkyDNS

SkyDNS is a Russian cloud Internet service that provides content filtering services. The service operates both free and offers commercial products for individuals, organizations, educational institutions and telecom operators.
In free anonymous mode, the service blocks phishing sites and malicious sites with malware, viruses and Trojans. In the authorization mode, you are given the opportunity to independently manage and select categories of sites to which access is blocked.

SkyDNS IP addresses

Mode Primary IPv4 DNS Secondary IPv4 DNS
SkyDNS 193.58.251.251

Whose DNS service is better?

I think there is no perfect service. But in order not to lose speed, you should choose those servers that are located closer to you. For residents of Russia, these are Yandex.DNS and SkyDNS.

The best way is to check the speed of DNS servers using the method described in this article -

How to set up DNS on your computer

To change DNS settings, or rather to force the operating system (computer) to use secure DNS servers in Windows 7, you need to go to Control PanelNetwork and InternetNetwork Connections and select your network adapter.

In the next window, click the “Properties” button

Next, select “Internet Protocol Version 4 (TCP/IPv4)” from the list and click the “Properties” button.

Write down the IP addresses of the desired DNS servers. And click "OK" in all windows.

In other versions of Windows we do it by analogy.

How to find out and where to see the DNS servers used

To find out which DNS servers are used by the operating system, run the following commands in the console:

Ipconfig /all

Check that the values ​​match your settings.


Next, it is advisable to reset the DNS cache of the operating system.

Ipconfig /flushdns

Setting up a home router

If there are several computers at home and they all connect to the Internet through a router, then there is no point in setting up each of them. Moreover, children can get rid of your “concern” by returning the DNS settings to default values. It is better to configure your home router to use secure DNS. Then all devices on your home network, be it a computer or a tablet, will automatically use secure DNS.
There are a great variety of router models. The settings for each of them are individual, and it is not possible to provide detailed instructions for each of them in the article. In general, you should configure the distribution of DNS server addresses to clients on your home network so that they receive secure DNS data.
In my router it looks like this:

P.S.

May our children have a happy childhood.

So, here you go DNS is one of the fundamental things on which the entire Internet is built. This abbreviation stands for Domain Name System, which means domain name system.

I already touched on this issue (the structure of the domain name system) when I talked about it, but only in passing. Today I want to talk about the role of DNS servers in the operation of websites and the entire Internet as a whole.

Why do we need DNS servers and what are they?

The domain name system operates with full names (Latin letters, numbers, dashes and underscores are allowed when forming them)..120.169.66 is not very informative) and it is easier to operate with them.

The latter relates specifically to the human factor, because it is still more convenient for machines to use IP addresses, which is what they do... But he understands that this is a domain name, which means information about what IP the site is located on, he will be able to get from the DNS server.

It is on these DNS servers (sometimes they are also called N.S. from the Name Server, i.e. server names) and the entire Internet is supported (like a flat world on three whales standing on a turtle). which does not require direct human participation in its work (if you set it up, it works 24/7). And there are a lot of such DNS servers on the network.

How does DNS work and what does the Hosts file have to do with it?

At the dawn of the Internet, DNS didn't exist at all. But how did the network work then? .120.169.66? The so-called was responsible for this matter then (and now too), where all the hosts of the then small Internet were registered.

Such a file was (and is now) on every user’s computer (yours has it too) connected to the network (see the link above for how to find it).

In the Hosts file several thousand lines were written (according to the number of sites on the Internet at that time), in each of which the IP address was first written, and then the corresponding domain, separated by a space. This is what an entry for my blog would have looked like if it had existed on the Internet twenty-five to thirty years ago:

109.120.169.66 website

Good luck to you! See you soon on the pages of the blog site

You can watch more videos by going to
");">

You might be interested

Server - what is it?
Buying a domain (domain name) using the example of the Reghouse registrar WHOIS services - information about the domain (whose it is, what is its age and history, when it is released) or IP address
The Hosts file - what is it, where is it located in Windows, what should a webmaster do with it and how to remove virus entries from it
Checking for employment and purchasing a domain name, what is the difference between domain registrars and resellers and what is WHOIS How to register a domain (buy a domain name from a registrar)

DNS Internet filter is an Internet service that allows you to filter unwanted servers on the Internet by their domain names. For example, the site www.virus.org spreads a virus to the computers of users who access it. If such a user has a DNS-based Internet filter connected, then instead of the infected site the user will see a message about blocking the dangerous site. The same thing will happen with a fake site that tries to steal your social media passwords or credit card numbers.

Another area of ​​application for such filters is child safety on the Internet. Such services allow you to block not only sites with pornography and violence, but also sites containing any links to them. As a bonus, some internet filters can also block annoying online advertisements.

A significant advantage is that there is no need to install any software on the protected computer. All that needs to be done is to enter the required DNS server address in the computer’s network connection settings, which will act as a filter.

How does a DNS filter work?

Very simplified it looks like this:

  1. The user enters the website address in the browser bar.
  2. The computer converts the symbolic address of the site into an IP address using the DNS service. Thus, a request with the site address is sent to the filter server.
  3. If the site’s address on the DNS server is not on the black list, then the user’s computer is given the IP address of the server serving the site and the user receives the site’s contents in the browser window.
  4. If the site’s address is on the DNS server’s blacklist, then the user is given the IP address of a special web server, which displays a message in the user’s browser window about the site being blocked.

As you can see, everything is simple and generally quite effective. The scope of these services is not limited to home PCs. If you are an enterprise network administrator, then these services will provide additional protection for your network; simply configure the resolution of Internet addresses of your network through a DNS filter. You can also use filtering on mobile devices such as smartphones or tablets.

Public DNS filters

Today there are many similar services and most of them offer filtering capabilities for free. Many antivirus companies have their own private and public DNS filters. Next, I will list the most famous public services that have already been tested by time and people.

  1. Google public DNS server. This server was essentially created not for filtering, but to speed up the Internet due to very fast resolving, but in addition, public DNS from Google also filters phishing and malicious servers. In addition, this server can work over IPv6
    Google DNS addresses:
    IPv4 8.8.8.8, 8.8.4.4
    IPv6 2001:4860:4860::8888, 2001:4860:4860::8844
  2. OpenDNS— perhaps the oldest DNS filter. There are paid and free options. It can correct incorrectly typed website addresses, and also displays a page with search and advertising if the address could not be corrected automatically. Has profiles for Parental Control available for free after registration. Without registration, fast resolution and filtering of malicious servers is declared.
    OpenDNS DNS addresses:
    208.67.222.222
    208.67.220.220
    https://www.opendns.com/
  3. SkyDNS— one of the first domestic services. There are paid and free plans. It is possible to manually compile black and white lists, block sites by category, block ads, and statistics. The free plan has limited options for manual blocking, statistics only for the month, etc. Without registration, the service filters only phishing and malicious sites. There are parental control capabilities by filtering dangerous sites and replacing search engines with safe search from SkyDNS. Account management on the website or through an application installed on a computer running Windows.
    SkyDNS DNS Address:
    193.58.251.251
    http://www.skydns.ru
  4. Yandex.DNS. Public DNS filter from the domestic search giant. No registration required. Involves 3 usage scenarios 1) Fast and reliable resolution 2) Resolution + filtering of dangerous servers 3) Resolving + filtering of dangerous servers + role control. Search engine data is used to compile blacklists. The server supports IPv6.
    Yandex DNS server addresses:
    Basic IPv4 77.88.8.8, 77.88.8.1, IPv6 2a02:6b8::feed:0ff, 2a02:6b8:0:1::feed:0ff
    Secure IPv4 77.88.8.88, 77.88.8.2, IPv6 2a02:6b8::feed:bad, 2a02:6b8:0:1::feed:bad
    Family IPv4 77.88.8.7, 77.88.8.3, IPv6 2a02:6b8::feed:a11, 2a02:6b8:0:1::feed:a11
    http://dns.yandex.ru/advanced/
  5. Norton ConnectSafe. Secure DNS servers from Symantec. As in the case of Yadnex, it does not require registration for personal use. It has a similar structure of servers in 3 categories: 1) Safe 2) Safe and porn 3) Safe, Porn and other things undesirable for children.
    Norton DNS addresses:
    Secure: 199.85.126.10, 199.85.127.10
    Safe+Porn: 199.85.126.20, 199.85.127.20
    Parental control: 199.85.126.30, 199.85.127.30
    https://dns.norton.com/

This list is, of course, not complete, but these are, in my opinion, the most interesting and popular servers that should be used as the first line of filtering and defense of a home computer network or enterprise network. It is important to understand that the use of these services in no way excludes the need to use modern and up-to-date antivirus tools, such as Kaspersky Anti-Virus, for example;).

Which DNS filter to choose?

You may be wondering which of these services to choose. From personal experience I can recommend the following selection algorithm:

  • By speed: SkyDNS, Google, Yandex
  • By functionality SkyDNS, OpenDNS
  • Security Security Yandex, Norton, Google

To test the performance of the DNS servers described above, I used the DNS Benchmark utility, the results are sorted by response time.

As you can see from my network, SkyDNS turned out to be the fastest, followed by Google, then Yandex servers (With full filters for parental controls). The situation on your network or at other times of the day may differ. It's best to test each service yourself! Each service has its own algorithms for constructing blacklists, so there is a possibility of false blocking of trusted sites. In my opinion, Yandex servers look like a good middle ground.

Write in the comments what you think about this! I will be glad to have links to other similar services and authoritative (supported by arguments) critical statements on the topic.

When talking about securing your Internet connection or accessing blocked content in your geographic area, you've probably heard about DNS. Although all providers provide their own default DNS server, you can use an alternative one. The DNS service is used to determine the IP addresses of websites based on their domain. Everything is very simple - in fact, there are no letter addresses on the Internet like a website; all communications and messages between computers are carried out via IP address. To determine it by domain name, DNS servers are used, which store a huge table of correspondence between domain names and IP addresses.

Using an alternative DNS server provides several benefits:

  • The closer you are to the DNS server, the faster name resolution will be.
  • If your provider's DNS is not very reliable, an alternative DNS will improve stability.
  • You will get rid of restrictions on access to content based on geographic location.

If these reasons, or at least one of them, interest you, it's time to set up a DNS server on your system. In this article we will talk about how to set up a DNS server in Linux, how to find out its speed, and also look at the best DNS servers. You can choose the best one depending on your needs.

Since our site is still about Linux, let’s look at how to set up Linux DNS servers. The DNS server settings in any Linux distribution are located in the /etc/resolv.conf file. The DNS server address is specified in the following format:

nameserver 192.168.137.1

Here 192.168.137.1 is the DNS server address. But the setting in this file will only work until you reboot, since this file is regenerated every time the system boots.

If you use NetworkManager, you can configure the DNS server there, in the connection properties. Open network connection settings, click in the context menu ANDchange for the desired connection, then on the IPv4 tab specify the desired DNS server:

Now the settings are saved even after a reboot.

You can test the speed of the DNS server using the utility nslookup. For example:

time nslookup www.google.com 208.67.222.222

Server: 208.67.222.222
Address: 208.67.222.222#53
Non-authoritative answer:
Name: www.google.com
Address: 173.194.113.209
Name: www.google.com
Address: 173.194.113.212
Name: www.google.com
Address: 173.194.113.210
Name: www.google.com
Address: 173.194.113.211
Name: www.google.com
Address: 173.194.113.208
real 0m0.073s
user 0m0.012s
sys 0m0.004s

The first parameter is the address of the site that we will measure, the second is the DNS server address. Team time measures execution time nslookup in milliseconds. Now let’s move directly to the list of “good DNS servers”.

Best DNS Servers

1. Google Public DNS

The first DNS server on our list is a server from Google - Google Public DNS. It has been operating since December 2009 and its goal is to make users' online experience faster, safer and more convenient. It is currently the largest government DNS entity in the world. To use Google Public DNS, you only need to use the DNS server IP address 8.8.8.8 or 8.8.4.4.

Switching to Google Public DNS improves security and optimizes speed because Google actually uses Anycast routing to find the nearest server. Additionally, it is resistant to DNS Cache attacks as well as DoS.

2.OpenDNS

If you're not just looking for a replacement for regular DNS, but an advanced version that gives you more control, try OpenDNS. According to the company, you will take another step towards security by implementing this service. There are two options for OpenDNS - home and corporate. The home version comes with parental controls, phishing protection, and improved speed. The enterprise version of OpenDNS has full functionality to protect the enterprise network. For home use, you can get OpenDNS for free. To configure Linux DNS servers, simply set the following DNS addresses: 208.67.222.222 and 208.67.220.220. OpenDNS also supports Anycast.

3. DNS.WATCH

DNS.WATCH is a minimalist DNS service that allows you to have fast internet access without censorship. Because this service is built on freedom principles, you can be sure that your request will reach its target and no redirects will be used. The server is fast and stable. If you live in a censored country, this will be a great solution. DNS service servers: 82.200.69.80 and 84.200.70.40.

4. Norton ConnectSafe

Norton ConnectSafe is another DNS service designed to enhance your Internet security. It should be noted that Norton has been involved in the security aspects of many devices for a long time. So you can be confident in the quality of Norton ConnectSafe. The service offers three different protection options: protection against malware, phishing and scams, protection against pornography and other threats. Each type uses different IP addresses. To protect your entire home network, simply configure your router.

5. Level3 DNS

Level3 DNS is a great DNS service if you are looking for a reliable DNS server with excellent performance. While Level3 isn't as big as Google, it has an impressive infrastructure. You can be sure that the speed will be at the highest level. DNS server IP addresses: 209.244.0.3, 209.244.0.4, 4.2.2.1, 4.2.2.2, 4.2.2.3 and 4.2.2.4.

6. Comodo Secure DNS

Comodo Secure DNS is another service that combines speed, reliability and security. Comodo uses a huge network that includes a large number of DNS servers. Speed ​​will be optimized by selecting a server based on your location. In addition, Comodo takes care of security by supplying a list of dangerous sites, and the DNS service will make sure that you do not visit any of them. Comodo Secure DNS IP addresses: 8.26.56.26 and 8.20.247.20.

7.OpenNIC DNS

Although OpenNIC DNS is last on the list, it is a great solution if you want free access to the Internet without government censorship. OpenNIC DNS has a very large network infrastructure and therefore will most likely find a DNS server that is close to your physical location. Just select the desired server from the list.

conclusions

As you can see, some of these servers provide regular DNS, bypassing ISP restrictions, while others have additional capabilities - protection against attacks, phishing and dangerous programs. All of them are the best DNS servers and you can choose one of them depending on your needs.

Computers on the network (including the Internet) do not have names; data transfer is carried out using IP addresses.

IP address(Internet Protocol Address) - a numeric address on the Internet, looking like 123.123.123.123. IP addresses are difficult for humans to remember, especially when you visit dozens of sites a day with different IP addresses.

Similar to how you save phone numbers, you can keep a contact book or phone directory for IP addresses. The role of a telephone directory on the Internet is performed by DNS(Domain Name System), domain name system. When you enter a domain name in an Internet browser, it is converted via DNS to an IP address, which is used to access the server.

In fact, DNS servers store not only the IP address of the server, but also other data such as DNS resource records “MX”, “TXT”, “A”, “CNAME”, “SOA”.

DNS servers, which store information about thousands or millions of domains, are often hosted on separate, powerful servers. In such cases, the expression “DNS server” can mean the entire software and hardware complex (server and program itself).

Why register DNS servers for a domain?

When you register a new domain name, no DNS server on the Internet knows about it. And until information about your domain appears on the Internet DNS servers, neither the website, nor the mail, nor any other services will work.

In order for DNS servers on the Internet to know about your domain, someone must tell them, and this someone is the DNS server that you register for your domain. It plays the role of a “herald” who always keeps the latest information about your domain. For example, the hosting DNS servers ns1.hosting.site and ns2.hosting.site store information about domains that are connected to the hosting site.

About the differences between DNS servers ns1.hosting..hosting.site And ns1..site and read about which of these pairs is right for you.

DNS servers are registered in pairs, this is done for better fault tolerance: if one DNS server fails, the other will remain working.

Scheme for determining an IP address by domain name

This diagram briefly explains what happens when you want to visit a particular site.

  1. 1 Your computer contacts the DNS servers of your Internet service provider ( arrow 1). The provider's DNS servers look for the IP address in their cache (an intermediate buffer with fast access) and, if they find it, they give you this IP and by IP your computer accesses the server on which the site is hosted ( arrow 7).
  2. 2 If the “domain-IP address” pair is not in the cache, then the provider’s DNS server makes recursive queries to the root DNS servers ( arrow 2), of which there are only a few around the world. Changes in domain settings on root servers are not updated instantly, but every few hours. For example, changes in the root DNS servers of the RU zone are updated only 4 times a day. Root servers return the addresses of the domain's DNS servers ( arrow 3) on which the DNS zone of the domain is stored.
  3. 3 Having received the addresses of DNS servers, the provider makes a request to one of them ( arrow 4), receives the required IP address in response ( arrow 5), stores it in the cache (so that you don’t have to contact the root DNS server every time) and passes it to your browser ( arrow 6).
  4. 4 And only now that the browser has the site’s IP address can it contact the hosting server on which the site is located ( arrow 7), and can display it on your computer screen ( arrow 8).

So:

  • Information on root servers is updated only a few times a day.
  • Internet providers, as a rule, update the DNS server cache no more than once a day (some providers update the cache even less frequently, but usually no more than 72 hours), so if after registering or transferring a domain (changing DNS servers), The site didn't work right away, don't worry - just wait a while.
  • To check if DNS has been updated, use .

The above-described structure of DNS operation is greatly simplified; for details, you can refer to the reference literature on the Internet.