Securities...

DNS. Simple. Of the home variety.

Countless of us grew up in a world where our parents took every opportunity to block the portals of smut and other inappropriateness via cable TV. Some parents went so far as to remove the objectionable pages from their preteens comic book or magazines. But, these days, those very same parents (now grandparents) likely have no idea what is available to their grand kids a friends with a wifi key and the smallest of imaginations.

I mean, you wouldn’t leave your home unattended during a war would you? For most families this is precisely how they have configured their home networks. After many conversations with parents, educators, coworkers and the like, it occurred to me, almost no-one is doing the simplest things to secure their home and family, much less their finances. In this piece I’m taking a break from finance for just a brief. Although, if you are concerned about financial security, you almost certainly are concerned about this topic.

The good news is, there a security option as simple and cost effective and locking and closing your doors. I will present two versions, the free 2 minute implementation and the upgraded low cost more customizable version.

DNS Filtering

First of all, I’m talking about DNS filtering. What is DNS? It stands for Domain Name System and it represents the network application that translates your URL words into IP network addresses. It’s the best place for security because it is the single point of entry and exit into your home or office. You need control of this application! The following diagram illustrates this relationship:

Option 1: Simple Implementation

There are several options to use a free, predetermined filter by making two simple changes to your routers DNS settings (primary and secondary). Consult the manufacture on how to do this with your specific router model. Some of the most common models are described here. The most important thing to understand is that this is someone else’s filter configuration. Scroll to Option 2 to create your own.

OpenDNS: https://www.opendns.com/setupguide/#familyshield

Cloudflare Family: https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

Option 2: More Customization

Following the same concept as the free version, you can configure and control your own version with provider like NextDNS. By simply signing up, you qualify for a free custom DNS with up to 300k queries a month. If you’re like me and run a trade station application, you likely request that many in less than a week. For us, they charge a annual fee of only $20 to provide unlimited queries. While option 1 is extremely effective at filtering the most obvious, high traffic malicious sites. I found that NextDNS “premium” against the compromised domain list was even 50% more effective than option 1.

There are other competitors in the space such as Cloudflare, OpenDNS, Cleanbrowsing, adguard, Quad9, DNSfilter, however, I found none were as affordable for the average home than NextDNS. DYOR.

Below is the configuration panel for parental controls:

There is even controls for SafeSearch and YouTube Restricted. These controls are fairly limited, but they will control exposure to malicious or inappropriate images and content returned from search. YouTube restricted videos, such as the kind for YouTube shorts are removed from the display. (this will not prevent you from watching 8 hours of cat videos though)

Now that you’ve stopped porn, tiktok and the other obvious stuff, there are additional benefits related to add blocks and other semi-spyware, tracking capabilities. You get these for free.

If you find the service is overly restrictive in some way (not my experience), you can adjust via “Allowlist” option. Likewise, if the opposite true, blacklisting is provided via the “Denylist” pane. These are helpful capabilities you can adjust as you review traffic logs. One thing is certain, the internet will always seek to catch up to our security. It’s important to continual improve.

Lastly, keep in mind, logs and other metadata are likely available to NextDNS if they were to ever be pressured to turn over to authorities or have a security compromise. This is not a risk that I view very highly.

**UPDATE

I’ve concluded some basic testing on the mobile app and concluded it is simple and effective. You simply create an admin password that controls whether the device authenticates to your DNS filter or not. The app is free with your NextDNS account. This is a simple, effective roaming control that is administered in one place. This is very valuable if you need to construct more complicated black/white list customization!

If you are interested in NextDNS, please use my affiliate link:

https://nextdns.io/?from=q89j6wjf

5GF has no affiliate or sponsorship for this review. The opinions expressed are our own.