There is a way to enhance your network security just by changing a setting in your router or computer. Quad9, a non-profit DNS provider, offers filtered DNS as a free service. But first, let me explain what DNS is.
DNS = Domain Name System
DNS is the internet system that allows computers to locate each other. When you request a web site in your browser, your computer carries on a brief conversation behind the scenes. It takes the web address you’ve asked for, reduces it to just the domain name part, and then asks DNS for the network address of that domain. For example,
You: “Browser, show me https://www.computasssist.com/support!” (You make that demand by clicking a link, a bookmark, or typing the address into your browser.)
Computer: “Hey, DNS server, what’s the IP address of www.computassist.com?”
DNS server: “Computer, that address is 184.108.40.206!”
Computer: “220.127.116.11, show me your page at /support.”
You: The page appears on your screen.
That’s regular plain vanilla DNS. What filtered DNS does is check your request against lists of known bad sites. Quad9’s DNS filters out sites known to push malware attacks. So the above conversation would go like this:
You: “Browser, show me https://www.badsite.com/iamunaware!”
Computer: “Hey, DNS server, what’s the IP address of www.badsite.com?”
Quad9 DNS server: “Computer, that address is in my list of bad sites, so I am going to hand you a Domain Not Found result!”
Computer: “Hmm, that domain does not resolve, so I have to show the Site Not Found error.”
You: The Site Not Found page appears on your screen.
Computer: continues operating normally, having not been attacked by a malicious site.
Changing your DNS settings
The best place to set up Quad9 DNS is in your router. This protects every device on your network that uses auto-DNS configuration (probably all of them, unless you have manually altered network settings.) Every brand of router is different, so you will have to search for the steps to change your router. You are looking for the DHCP configuration, and within that, the DNS server IP addresses that are set there. Replace whatever is there with 18.104.22.168 to begin using Quad9 DNS. The next time your devices renew their network connection, they will be using Quad9.
If you don’t have the router admin password or are locked out of the router, Quad9 provides help on how to set your individual computer to use their servers. This will only protect the device on which you make this change, so change your router instead, if possible. But if not, the Quad9 setup page will walk you through the procedure for Mac and Windows.
Modern network security is layer-upon-layer of defensive strategies. I highly recommend DNS filtering as one of those layers. This one is free and easy, so why not add this layer to improve your security?