G.L.I.T.C.H

DNS Explained: The Secret System Behind Every Website Visit

3 min read Security

Why Do We Need DNS?

Imagine having to remember the long string of numbers for every website you visit—like Google, Facebook, or your favorite blog. Sounds like a nightmare, right? That’s where DNS (Domain Name System)steps in! It acts like the internet’s phonebook, converting easy-to-remember website names into the numeric IP addresses that computers understand

What is DNS?

The system that translates names into the underlying numeric IP addresses, which are used to identify devices on the internet is called DNS (Domain Name System) and the computers that do the translation are referred to as DNS servers. DNS is so important, that at least two DNS servers are configured for every connection to an ISP. Connections to VPN servers, however, typically depend on a single DNS server.

DNS server is sometimes referred to as a DNS resolver.

Risks with DNS Servers

  • Malicious DNS servers can trick you into visiting fake websites, such as a fraudulent version of your bank’s site.
  • Fake websites can look identical to real ones, making it difficult for the average user to spot the danger. That’s why it’s essential to use trusted DNS servers to minimize the risk of falling victim to these types of attacks.

DNS for Ad Blocking

  • Some users block ads by using DNS to redirect ad websites (like ads.example.com) to invalid addresses.
  • This prevents ads from loading, improving your browsing experience.

Common DNS Errors and How to Fix Them

  • If a DNS server can’t find the IP address for a website, you might see an error like “This site can’t be reached” or “Server IP address could not be found.”
  • This typically means the DNS server failed to resolve the website’s domain name. To resolve this, check or change your DNS settings.

Using DNS on Public Wi-Fi

  • Public Wi-Fi networks are risky because you rely on someone else’s DNS servers, which might be unsafe or poorly configured.
  • Use a VPN to protect your privacy when using public Wi-Fi. A VPN encrypts your traffic, including DNS queries, so your device uses secure DNS servers instead of the public ones.

Secure DNS (Encrypted DNS)

  • Encrypted DNS, such as DNS over HTTPS (DoH) and DNS over TLS (DoT), enhances privacy by encrypting DNS queries, making it harder for third parties to intercept and manipulate them.
  • This doesn’t offer the same level of privacy as a VPN, but it’s still an improvement over unsecured DNS.

Checking Your DNS Servers

You can check which DNS servers your device is using with special tools or websites some are

  • WhatIsMyDNS.net
  • DNS Leak Test
  • Mxtoolbox DNS Lookup
  • IntoDNS

Configuring DNS Servers

  • It’s possible to manually configure your DNS settings to improve security and performance. However, be aware that malware can change these settings without your knowledge, and your router may override them as well.
  • Your router may override these settings, affecting all devices connected to your network. It’s a good idea to periodically check your DNS settings to ensure they are safe.

  • Google Public DNS

  • Cloudflare DNS

  • Quad9 DNS

  • AdGuard DNS

  • Each DNS provider has its own strengths and weaknesses. Consider your priorities - speed, privacy, security, or ad-blocking - before choosing the right one for you.