Here’s an item from today’s Tech Net News – “Thousands Of High-Ranked Web pages Infected With Malware, including ……”
We’ve covered this issue here on Tech Thoughts a number of times, most recently in, “How Safe Are Trusted Web Sites? Not Very!”
The following is a brief explanation, from that article, on how cyber crooks manage to infect web sites:
“Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine”.
Unfortunately, your anti-malware solutions may not always protect you from this type of attack, so you should consider additional system hardening by substituting your ISP provided DNS service, with a more secure alternative.
Free alternatives include OpenDNS, Google DNS, and now Norton DNS – a free service (in Beta), that provides faster web browsing with basic security. The additional security is provided by Norton Safe Web, which provides a quick check on each site to make sure that it isn’t a threat. If it is, you are protected from the site, and you will get detailed information on why Norton believes the site is unsafe.
Norton DNS, with Norton Safe Web incorporated, prevents users from visiting sites identified as harboring exploits including.
Viruses
Drive-By Downloads
Malicious Downloads
Worms
Suspicious Applications
Suspicious Browser Changes
Security Risks
Heuristic Viruses
Adware
Trojans
Phishing Attacks
Spyware
Backdoors
Remote Access Software
Information Stealers
Dialers
Downloaders
Norton has not yet provided an install client, but in the meantime, you can make the required changes manually by following the instructions below. At first glance, you may think this is complicated when it fact, it’s quite easy. So, give it a try, and don’t be nervous. 🙂
The screen captures below, reflect the changes I made.
Manual Setup for Windows:
Open the Control Panel from your Start menu.
Click Network Connections and choose your current connection.
On the General tab of the Connection Status screen, click Properties.
On the General tab of Connection Properties, scroll down and select Internet Protocol (TCP/IP), then click Properties.
On the General tab of Internet Protocol (TCP/IP) Properties, select Use the following DNS server addresses, then enter the two NortonDNS IP addresses 198.153.192.1 and 198.153.194.1.
Click OK until each window is closed. You are now using NortonDNS.
To disable or uninstall Norton DNS manually:
Follow the same instructions above, but on step five, select Obtain DNS server address automatically on the last screen (or replace our NortonDNS addresses with your recursive resolver IP addresses).
To ensure that you have in fact, been successful in making the change, visit this Norton page. The page will let you know if you are currently using Norton DNS.
Note: According to Norton, this service is currently only available in English and, not all users in all countries will benefit.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Bill Mullins' Weblog - Tech Thoughts 
Bill,
Very nice instructions and writeup… Good to see Norton as another player in the DNS game to help keep us from trafficking to the bad guy sites… Amazing how we are witnessing (attempted) protection, not only at the local (machine) level; now at the internet (cloud) level. Again, your professionalism and expertise is shining…
Rick
Thanks Rick,
I like this one since it incorporates Norton’s Safe Web. Like you, I’ve recognized the important role “cloud services”, are now playing in protection strategies. I think you and I called this one, a long time back. Hey, we’re soothsayers!
I appreciate the fact that your comments are always thoughtful, and considered.
Bill
Bill,
I’ve just made the changes you recommended. I’m no tech wizard but the changes were easy to make by following your instructions.
Thanks for always looking out for us.
Liam
Thanks Liam.
I’m happy to hear you found it easy to make the change.
Thanks for dropping by.
Bill
Pingback: Norton DNS – Another Layer of Computer Security « Bill Mullins … | DNS Internet
Hey Bill,
Thanks for all of the timely IT tips and trends. I have been very pleased with OpenDNS up until now. In your opinion would you recommend switching over to Norton (security and speed as considerations)?
Best,
Bob
Hi Bob,
Well, as I understand it – the free version of OpenDNS does not include “protection. As for speed – I don’t think Norton would offer an improvement over OpenDNS. Even if it did, who can count in milliseconds?
Good to hear from you.
Bill
Hey Bill,
Your advice carries the day, I am going to try it out on a windows 7 desktop!
On the OpenDNS free version Phishing and Botnet is included whereas malware site protection requires the paid “Enterprise edition”.
Best,
Bob
Thanks for the explanation on OpenDNS – appreciate that.
Bill
Hi Bill,
That’s a good step toward solving the ip identity problem , guess so. I will sure try this. But is this the same kind that comodo firewall also provides. Thanks for this article , very knowledgeable.
Here’s the short answer Abhijit – no.
Thanks for dropping by.
Bill
Hi Bill,,
Thanks to Norton DNS and You My PC is more safe now than ever ! 🙂
Hey Ahmed,
Norton DNS does offer an increase in security, so hopefully, that translates into increased safety.
Bill
Hey Bill,
It just gets worse and worse with malware doesn’t it? Soon people will be too scared to use the internet. Something has to happen, and soon.
Thanks for the article on Norton’s, definetly going to give it a try.
Cheers
Hey Mal,
WordPress just came back online – it was down for an hour or so, and intermittent before that for 2/3 hours. So, 10.2 million Blogs, including mine, were out of commission.
We’ll never really know why this occurred. WordPress is very creative when discussing this type of service outage. They are absolutely adamant though, that they’re hacker proof, which is total bullshit. No such web site exists. It’s entirely possible they got hacked.
So, you’re right – cyber crime is now virtually out of control. But, even if it gets worse, and it will, the average person will continue to surf until they get hit. At which point, they’ll simply go – duh, what happened? Then they’ll get right back on the Internet, knowing no more than they did before. Sad, really.
Unless we see a concerted international effort to deal with cyber crime, the Internet will slowly crumble.
Best,
Bill
Hey Bill,
I totally agree, and it has to be an INTERNATIONAL effort. This is why the scumbags are so successful because they hide behind national boundaries. Surely to God the authorities know where most of these people are, or can find out. It is time for them to pull their finger out and get real, and just do it. I for one am sick and tired of having to keep up with all the latest security issues. At least I have some knowledge how to do that, but most don’t, they live in blissful ignorance.
I will now get off my soapbox lol.
Cheers, have a good night.
No, stay on the soapbox. But if you find out where I can buy some “blissful ignorance”, let me know. I could use the relaxation. 🙂
Talk to ya later Mal.
Bill
I still prefer OpenDNS, far more control over what’s blocked and allowed, plus reporting and all the other goodies, but this may be good for the non DNS savey.
Hey Dave,
Yes, I think in experienced hands, OpenDNS would be the way to go.
Have a great weekend.
Best,
Bill
Pingback: Follow the Link and You “Takes Your Chances” « Bill Mullins' Weblog – Tech Thoughts
The only problem with all these DNS things is everytime you connect to internet you have to type,not just copy paste the DNS nameservers.
There are some softwares to remember those DNS addresses probably one of those is Dnsjumper which is hosted on the worst and risky file sharing sites.Can you please suggest a clean free software Mr. Bill for this-maybe another is Netprofiles and NetSetman both were on Liberkey and portable,not sure they remembered on restart the IP addresses.
Thanks for writing one of the best tech blogs along with LH,ghacks,addictivetips,raymond
Hi Ruchir,
Thank you for the compliment.
I think you have identified the problem you’re having – “Netprofiles and NetSetman both were on Liberkey and portable,not sure they remembered on restart the IP addresses”.
BTW, we reviewed DNS Jumper here previously – Free DNS Jumper Easily Change Your Default DNS Settings .
Bill
“Unless we see a concerted international effort to deal with cyber crime, the Internet will slowly crumble.”
hmmm….I’ve not heard anyone else say this.
And yet it seems very pertinent.
Bill, how do I get to learn more about security?
Also …….I am new to DNS…..can you expalin to me what this is exactly, since the only DNS I know is Domain Name Servers
Hey Marcus,
I’m not alone in recognizing that the Internet cannot sustain an increasing level of cyber criminal activity. It seems rather obvious that we’re heading for the crunch, sooner, rather than later.
A particularly good way to learn about security is – look closely at your security applications. Why it’s necessary to have security applications in the first place. Understand fully what each one does. How it does what it does. You’ll be surprised how much you will learn.
On DNS, you have the right idea – it does refer to Domain Name Servers. To read a comprehensive article, go to Howstuffworks .
Thanks for visiting.
Bill
Pingback: Test DNS Server Performance « What's On My PC
Pingback: Benchmarking and Selecting the Fastest DNS Servers « TTC Shelbyville – Technical Blog
Pingback: Norton DNS Can Save Your Butt! « Bill Mullins' Weblog – Tech Thoughts
Hey Bill,
I currently use Open DNS like some of the other people commenting. I might try Norton because of the added security element.
In your Screen shots, you change the DNS Ip’s through windows. For Open DNS I changed my DNS IP’s inside my router settings so all my computers would be going through it. Is this the same way or do you have to input the DNS IP’s on each machine.
Thanks
TeX
Hey TeX,
You can enable Norton DNS at your router. I haven’t actually done this, but I assume you would use the same process as you used to set up Open DNS.
Best,
Bill
Hey Bill,
Is there any benefit to implementing NortonDNS if I am already using NIS 2010?
Hey Jeff,
Since this is a Beta product, I very much doubt if is included in NIS 2010.
One way to tell for sure is, visit http://setup.nortondns.com. This page will let you know if you are currently using Norton DNS. If you’re not, you will benefit by making the change to NortonDNS.
Bill