OK people. It’s time to get serious. The internet is big. Besides all of the cat memes the internet is full of ransomware and malware that’s just waiting to make you the next victim.
CNN estimated that in 2015 there could be around 6.5 billion cat pictures on the internet. The internet has been described as a “virtual cat park, a social space for cat lovers in the same way that dog lovers congregate at a dog park”.CNN
While ransomware volume tookSonicWall 2018 Threat Report
a substantial dip, other malware attacks jumped significantly.
All told, SonicWall logged
attacks — an 18.4
percent increase over 2016.
Regionally, the Americas were victimized the most, receiving 46 percent of all ransomware attack attempts in 2017 (SonicWall 2018 Threat Report).
These numbers are big. But there are ways to protect your network. Either in the work place or at home. A free product that I use for layered security is called OpenDNS.
The DNS protocol is the address book of the internet. For example, although you came to micahvorst.com your computer actually requested the IP (internet address) of my webserver (currently 18.104.22.168). Instead of us memorizing IP addresses for our favorite websites we’ve collectively decided to contextualize the internet thereby assigning names to IP addresses. No longer do you have to memorize 22.214.171.124 you can simply type in amazon.com.
DNS is a building block of the internet. Therefore, it’s one of the first things to filter and secure while browsing the internet.
How this applies to your home network.
OpenDNS is a Cisco company and provides free DNS filtering for home use. Once setup, you can take advantage of the OpenDNS network to filter by categories. OpenDNS has 58 categories that you can choose from. For our home network I’ve blocked the following:
Ready to get started?
To begin sign up for a free OpenDNS account which allows you to customize which categories you would like blocked. Head over to https://signup.opendns.com/homefree/ to create your account.
Once logged in click Add/manage Networks
Add your network. If you don’t know your IP address go to: http://myip.dnsomatic.com/ and then fill out the IP section to add a network:
Once you’ve added your network you can click on the IP address to manage which categories you would like to allow/deny:
There are preselected categories or you can customize what to allow. In this example we’ve selected the custom category:
You’ve setup your OpenDNS account. Now you need to configure your home network.
You’ve configured your DNS settings but now you need ALL OF YOUR DEVICES to point to the OpenDNS nameservers in order for this to work. OpenDNS has a great page for configuring your network or device. I strongly recommend to configure your home router. This is the easiest configuration in the long run.
Routers are like snowflakes. They are all different. However, OpenDNS provides tutorials on accessing common home routers. When you log into your router you need to configure the DHCP section which provides IP addresses and DNS options for each of your devices logged into the network. For example, I have a [redacted] (sorry hacker, not today) and have navigated to the DHCP Settings page.
The only thing that you need to change is the DNS servers. Usually, there will be an option for primary and secondary DNS. OpenDNS nameservers are always:
Depending on how your network is set up it may take up to 24 hours for your devices (phones, desktops, laptops) to acquire this change. A fun test to confirm that your devices are now protected by OpenDNS is by going to http://www.internetbadguys.com/. A harmless site that is run by OpenDNS which will tell you if you are protected.
That’s it. Good job!