Improve Security and Speed with Alternative DNS Servers

A simple configuration change might make a huge difference (and it's free)

Closeup of a woman in an office clicking the mouse
Kay/E+/Getty Images

Did you know that you might be able to improve both your Internet browsing performance and security by choosing an alternative DNS resolver? The good news is that it's free and takes only about a minute of your time to make the change to another provider:

What Is a DNS Resolver?

The Domain Name System (DNS) may easily roll off the tongue of your nearest network administrator guru, but the average user probably doesn't know or care what DNS is, or what it does for them.

DNS is the glue that binds domain names and IP addresses together. If you own a server and want to allow people to get to it using a domain name, then you can pay a fee and register your unique domain name (if it's available) with an Internet Registrar such as GoDaddy.com, or from another provider. Once you have a domain name linked to the IP address of your server, then people can get to your site by using your domain name instead of having to type an IP address. DNS "resolver" servers help make this happen.

A DNS resolver server allows a computer (or a person) to look up a domain name (i.e about.com) and find the IP address of the computer, server, or other device that it belongs to (i.e. 207.241.148.80). Think of a DNS resolver as a phone book for computers.

When you type a website's domain name in your web browser, behind the scenes, the DNS resolver server that your computer is pointing to is working to query other DNS servers to determine the IP address that the domain name "resolves" to so that your browser can go and retrieve whatever you're browsing that site for.

DNS is also used for helping find out what mail server a message is supposed to go to. It has many other purposes as well.

What Is Your DNS Resolver Set to?

Most home users are using whatever DNS resolver that their Internet Service Provider (ISP) assigns them. This is usually assigned automatically when you setup your cable/DSL modem, or when your wireless / wired Internet router automatically goes out to your ISP's DHCP server and grabs an IP address for your network to use.

You can usually find out what DNS resolver you've been assigned by going to the "WAN" connection page of your router and looking under the "DNS Servers" section. There are usually two, a primary and and alternate. These DNS servers may be hosted by your ISP or not.

You can also see what DNS server is being used by your computer by opening a command prompt and typing "NSlookup" and pressing the enter key. You should see a "Default DNS Server" name and IP address.

Why Would I Want To Use an Alternative DNS Resolver Other Than the One My ISP Provides?

Your ISP may do a great job with regards to how they setup their DNS resolving servers, and they may be perfectly secure, or they might not. They may have tons of resources and awesome hardware on their DNS resolvers so that you get super fast response times, or they might not.

You may want to consider switching from your ISP-provided DNS resolution servers to an alternative for a couple of reasons:

Reason #1 - Alternative DNS Resolvers may Give you a Web Browsing Speed Boost.

Some alternative DNS providers claim that using their public DNS servers may provide a faster browsing experience for end users by reducing DNS lookup latency. Whether this is something that you will notice is a matter of your personal experience, but I know I'm all for anything that will potentially speed up browsing, so why not give it a try?

If it seems slower, you can always switch back to your old ISP-assigned DNS resolver anytime you want.

Reason #2 - Alternative DNS Resolvers may Improve Web Browsing Security

Some alternative DNS providers claim that their solutions offer several security benefits such as filtering out malware, phishing, and scam sites, and also reducing the risk of DNS cache poisoning attacks.

Reason #3 - Some Alternative DNS Resolution Providers Offer Automatic Content Filtering

Want to try and block your children from accessing pornography and other "non-family friendly" sites? You can opt to choose a DNS provider that performs content filtering.

 Norton's ConnectSafe DNS offers DNS resolution servers that will filter out inappropriate content. It doesn't mean that your kids can't just type in an IP address for an inappropriate site and get to it that way, but it probably will add a sizable speed bump to their quest for mature web content.

How do you Switch Your DNS Resolver to an Alternative DNS Provider?

The best way to switch DNS providers is at your router, this way you only have to change it in one place. Once you change it on your router, all the clients on your network (assuming that you are using DHCP to automatically assign IPs to client devices) should point to the new DNS servers automatically.

Check your router's help manual for details on how and where to change your DNS resolver server entries. Mine were automatically set by my cable company and I had to disable the automatic DHCP IP grab on the WAN connection page and set it to manual in order to be able to edit the DNS resolver IP addresses. There are usually two to three places to enter the DNS Server IP addresses.

Before you make any changes, you should check with your ISP and your router manufacturer for specific instructions for your situation. You should also write down current settings or screen capture the settings page before you make any changes, in case the change doesn't work.

Alternative DNS Providers Worth Considering

Here are a couple of well known alternative DNS providers worth considering. These are the current IPs as of this article's publication.

You should check with the DNS provider to see if the IPs have been updated before making the change to the below IPs.

Google Public DNS:
8.8.8.8
8.8.4.4

Norton's ConnectSafe DNS:

198.153.192.50 - (includes malware, phishing, and porn blocking features)
198.153.194.50 - (includes malware, phishing, and porn blocking features)

For a much more extensive list of alternative DNS providers, see Tim Fisher's Free and Public Alternative DNS Server List.

A Note Regarding Alternative DNS Providers With Blocking Features

None of these services will likely be able to filter out all possible malware, phishing, and porn sites, but they should at least cut down on the potential number of these types of sites that are accessible by filtering the known ones out. If you don't feel that one service is doing a good job with filtering, you can always try another provider to see if they are any better.

Was this page helpful?