Although it sounds like a movie, the FBI on July 9, 2012 cut all the computers in the world that were infected with DNSCHanger malware off the internet . The history of this virus leads us to talk again about that mysterious, but fundamental, internet protocol called DNS, which, in two words, is the website name resolution system . DNSChanger is the name of a virus, for Windows and Mac, quite well known on the internet capable of changing DNS parameters, directing visits from the infected computer to fraudulent sites. Today, companies like Microsoft, Google and Mozilla are making progress with DNS over HTTPS ( DoH ). This technology encrypts DNS searches, improving online privacy and security. In this article we therefore see how you can better protect your internet connection by protecting DNS traffic .
What is DNS "> Navigaweb.net ", a computer somewhere in the world is translating the internet address into an IP address. These computers are called DNS servers, and are the backbone of the internet.
Every Internet provider (like Telecom or Fastweb) connects with some DNS servers by default. A virus like DNSChanger changes these settings and configures the connection to connect with DNS created specifically to hijack the web. If a hacker can control a user's DNS servers, he can also control which sites he connects to and can make sure that, if the user writes the address www.google.it, it ends up in another site completely different and dangerous.
If you are affected by a DNS virus, then the ideal is to perform a live antivirus, with virus scan at boot of the computer or using a portable antimalware that can be downloaded already updated.
To protect your web browsing from problems of this type, from viruses and from possible external spies, a simple and basic method can be to use manually specified DNS servers, different from those predefined by the provider.
In Windows 7, go to Control Panel -> Network Connection Center -> Change adapter settings, right click on the network card used to connect to the internet, select the TCP / IPv4 internet protocol, click on Properties and then on " Use the following DNS server addresses " to write primary and secondary DNS.
You can set up DNS with OpenDNS or SecureDNS for secure internet, some use Google DNS, others use OpenDNS or Comodo SecureDNS servers.
You can also use a program to change primary and secondary DNS with the faster ones, dynamically changing it and always using the one that responds more quickly.
The popular OpenDNS has also created a tool to protect the internet from DNS-related security problems.
The program for Windows and Mac DNSCrypt encrypts connections to websites so that no one can intercept them from the outside. Theoretically, with DNSCrypt it is impossible that your internet connection can be hijacked on fraudulent sites (for example, some viruses make sure that, by opening sites like poste.it, a fake, identical site with the same name is opened).
As I see it, if you surf from home or office with your PC protected by antivirus, this tool is not necessary. Instead, it is useful to install it on a laptop that is often used to connect from different networks such as, for example, public Wifi (at the airport, in hotels or in internet cafes).
DNS over HTTPS or DoH
Soon this type of program will no longer be needed, because DNS protection will be integrated into web browsers. already today it is possible to activate DNS protection over HTTPS on Chrome Firefox and Edge .What is DNS over HTTPS?
The web has pushed towards encrypting everything by default. At this point, most websites that you access use HTTPS encryption and modern web browsers like Chrome now mark any site that uses standard HTTP as "unsafe". This encryption ensures that no one can tamper with a web page while you are viewing it or stick your nose on what you are looking at online. For example, if we connect to Navigaweb.net, the network operator, whether it is a company's public Wi-Fi hotspot or Telecom and Fastweb, it can only see that we are connected to the navigaweb.net site, but they cannot know which article we are reading and cannot modify a Navigaweb article during the transit.
The only vulnerability in the connection chain to a website is DNS. DNS searches are not encrypted, so the network provider or the manager of a wifi hotspot can always know which site we are connecting to.
DNS over HTTPS closes the encryption circle and allows the browser to establish a secure and encrypted connection to the DNS server . Anyone in the middle will not be able to see which domain names we are looking for and will not even be able to tamper with the answer leading us to visit a different site.
To enable DoH in Chrome you need to open a tab at chrome: // flags / # dns-over-https and enable the Secure DNS lookups option. Restart CHrome by pressing the button at the bottom to activate DNS over HTTPS protection. Finally, it is necessary to use DNS servers such as those of Google or OPENDNS seen above that support DoH.
Finally, I would like to point out that protecting and encrypting requests to the DNS server does not however hide internet browsing data because all other protocols remain free and visible from the outside. If what you want is complete anonymity, the only tool to use is TOR which guarantees absolute online privacy.
