Skip main navigation

Changing Your DNS Connection to Avoid ISP Snooping

In this video, you will learn how to change your DNS connection.
5.8
In this video, we’re going to take a look at how to change your DNS connection to avoid ISP snooping. Now if you’re not sure how DNS works, DNS basically resolves a server address for us. So when we’re sitting at our computer and we type in, codered.eccouncil.org, that’s actually not the address that your ISP will actually recognise by default. So the actual code red website is going to be 104.16.118.89. That’s the actual server IP address that it has on the internet. Now the problem with this is, most of us aren’t going to remember things that well. I want to go to codered.eccouncil.org, so I need to type in 104.16.118.89. That’s why DNS servers come in really handy.
61.7
DNS stands for Domain Name Server. And what it does is it takes the easier to read html or http, https, URL that we’re giving it, in this case codered.eccouncil.org. And then it converts it over. So once you type in the URL, you send it off. The DNS server, which is 99% of the time going to be your ISP, goes to in DNS server. DNS server says, “Oh, you mean 104.16.118.89”. And then it sends it off to the proper server on the internet. Now again, 99% of the time, it’s going to be your ISP that acts as your DNS server.
103.2
So from your home, you go out, you send the request, goes to your ISP, ISP is DNS server, goes out to the server, and then comes back to you. So what’s the issue with this? So with net neutrality being repealed in most places, there could be a lot of different issues. So say I want to go to amazon.com, or better yet, Google. I want to use Google for my search engine. So I type in google.com. And I hit the button and I send it off. And ISP grabs an address and says, well, Google’s not paying us extra.
140.6
And since we don’t have to buy it by net neutrality rules, I’m going to send you to Bing– Microsoft’s paying us extra money. So instead of going to Google, it comes up with Bing. And even though that’s a pretty extreme case, that is an example of what ISP can do. Or whoever controls a DNS server, they can send you anywhere they want, no matter what your URL you type in. Because ultimately, they control the flow of traffic. They could also record where you’re going. Your ISP can log all these different websites you’re going to, collect that information, tie it to you, your house, your name, and then sell the information off to advertisers. So how can we address this?
184.8
Well, one way is we can use a DNS server from a company called Cloudflare. And if you’re not familiar with Cloudflare, Cloudflare is essentially a company whose main business is DDoS protection, or distribute denial of service protection. Essentially, they set up a service where if someone tries to launch an attack versus a website or a server, they’ll sit between the two and they’ll take the extra traffic from the attack and try to mitigate it. That way, it doesn’t take your servers down. A while back, what they decided to do is they created a DNS server for the public, and it’s privacy-based. So as they say, “privacy-first consumer DNS service.”
232
So essentially, this is supposed to be a very private DNS server that we could use publicly for free. Now how private is it? Well, according to the blog, they’re committed to never writing the querying IP address to the disc. And they wipe all logs within 24 hours. Cloudflare’s business has never been built around tracking users or selling advertising. They don’t see personal data as an asset. They see it as a toxic asset. So you could take that as you will. I’ve used it. It seems pretty good. I’ve done some research into it. And it does look pretty legit. So again, whether you really trust us or not, that’s going to be up to you.
272.9
But this is an alternative we could use for DNS. So let’s go ahead and install it. So I’m going to go ahead and set up the Cloudflare DNS on a Windows machine. So if you have Linux or OS X, the concepts are going to be the same. You want to go in your adapter settings and change it. Getting there is going to be a little bit different though, so if you’re not sure how to do that, you do want to actually go ahead and check that out first. So on Windows 8-8.1 and Windows 10, we can simply hit Windows X and it’ll bring up this menu here. And we can go over to network connections.
308.3
And then what we want to do is Change Adapter Options. So once that comes up, whatever your connection is, if you’re on ethernet, you want to go to ethernet. Most likely, you’re going to be on Wi-Fi. So I’m going to double click the Wi-Fi option. And then under Wireless Properties, I’m going to click that. And actually, let’s go back. Under Status, we’re going to Properties rather. And then we’re going to scroll down. And most likely you’re using IPv4, not IPv6. If you’re using six for some reason, go ahead and click that. But for 99% of the people out there, you want to choose the internet protocol version 4. And we’re going to double click that.
351.7
Now by default, the obtain DNS server address automatically is going to be checked. And this is going to be greyed out. So I’m going to go ahead and do that. It’s going to look like that. So what we want to do is click the one below it, use the following DNS server address. And I’m going to do 1.1.1.1. And that’s going to give us a Cloudflare DNS. Now as you see, there’s another box down here, Alternate DNS. So if you have another DNS server that you want to use as a backup, say you want to use Google for some reason, you could use Google, which is 8.8.8.8. And that’s absolutely a valid DNS server.
392.3
So what will happen is, your preferred DNS server, whenever you’re going out to the internet, it’s going to try that DNS server first. If you don’t have anything for an alternative, and whatever reason, say Cloudflare went down, it’s not going to be able to resolve that address. That’s why if you want, you can put a secondary one down. I very rarely ever had problems with Cloudflare DNS being down. So I generally don’t put an alternative DNS server. I also don’t have a secondary one that I really trust at the moment. I haven’t set up my own DNS server. So if you do want to set up your own server, you can absolutely do that.
429.2
There’s some information on the internet that you can check out and you can add that. So you can leave it blank or, again, if you have another DNS server, you can simply enter that address. And once you’re done, click OK, and OK, and close. And then you’re done. Pretty simple.

In this video, you will learn how to change your DNS connection.

Here are important tips to remember:

  • DNS translate search requests into IP addresses
  • DNS traffic can be altered, logged and/or sold by your ISP
  • CloudFlare is a secure, free DNS

Over to you: Change your DNS connection.

This article is from the free online

Cyber Security Foundations: Why Cyber Security is Important

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education