Wednesday, October 26, 2022

DNS For Malware Blocking

The Domain Name System (DNS) maps a human-readable hostname to an IP address. Because every lookup passes through a resolver, that resolver can apply whatever filtering or blocking logic it likes to the names it is asked for. The caveat is that an application using a hard-coded IP address never performs a lookup, so DNS filtering only covers traffic that starts with a hostname lookup.

Many people self-host Pi-hole at home. It is typically configured to block ad domains, which improves page load times and reduces tracking. For anyone willing to configure a small device, Pi-hole is a straightforward and lightweight way to take some control of your network.

There are also hosted DNS solutions which can provide varying levels of filtering and blocking.

When a phone is on a mobile network or public Wi-Fi, it is outside the reach of a home Pi-hole, so some other DNS filtering is useful. Android has a "Private DNS" setting for this: go to Settings, Network & Internet, Private DNS. To use the Cloudflare DNS offering at 1.1.1.1, note that Android requires an actual hostname rather than the bare 1.1.1.1 address (Private DNS is DNS-over-TLS, and the hostname is what the server's certificate is validated against). In the Private DNS prompt, enter the hostname 1dot1dot1dot1.cloudflare-dns.com and press Save. Your Android phone should then use the Cloudflare DNS filtering. Using one.one.one.one as the hostname has proved unreliable, as it does not always resolve properly.

Android Private DNS setting (screenshot):

Lookup of 1dot1dot1dot1.cloudflare-dns.com resolving to 1.1.1.1 (screenshot):

Cloudflare's 1.1.1.1 is fast and convenient. For additional levels of filtering, look into using their family filtering at 1.1.1.3. For family filtering, also consider using OpenDNS.
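An added example, not from the original post, covering the two checks above: why Private DNS needs a hostname (DNS-over-TLS validates the certificate against it) and how to tell whether a resolver is actually filtering. The constructed responses are not real captures, and `classify` assumes the common convention that filtering resolvers answer blocked names with 0.0.0.0 or NXDOMAIN; only `query_dot` touches the network.

```python
import socket
import ssl
import struct

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Minimal DNS wire-format query: A record, class IN, RD (recursion desired) set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode() for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def _skip_name(msg: bytes, off: int) -> int:
    """Offset just past a name: a label sequence ending in 0x00, or a 2-byte compression pointer."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)            # pointer is 2 bytes, terminator is 1

def parse_a_records(msg: bytes) -> tuple:
    """Return (RCODE, [IPv4 strings]) from the answer section of a DNS response."""
    _txid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4             # skip QTYPE + QCLASS
    ips = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, ips

def classify(rcode: int, ips: list) -> str:
    """Assumes the usual filtering convention: blocked names answer 0.0.0.0 or NXDOMAIN (RCODE 3)."""
    blocked = rcode == 3 or (bool(ips) and all(ip == "0.0.0.0" for ip in ips))
    return "blocked" if blocked else ("resolved" if ips else "no-answer")

def query_dot(server_hostname: str, name: str) -> bytes:
    """Live DNS-over-TLS query (RFC 7858): TCP 853, 2-byte length prefix, cert validated against server_hostname; assumes one recv returns the whole reply."""
    ctx = ssl.create_default_context()
    with socket.create_connection((server_hostname, 853), timeout=5) as raw, ctx.wrap_socket(raw, server_hostname=server_hostname) as tls:
        query = build_query(name)
        tls.sendall(struct.pack("!H", len(query)) + query)
        return tls.recv(struct.unpack("!H", tls.recv(2))[0])

def sample_response(name: str, ip: str, rcode: int = 0) -> bytes:
    """Constructed response, not a real capture: echoes the question and adds one A record when ip is given."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1, 1 if ip else 0, 0, 0)
    answer = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(ip)) if ip else b""
    return header + build_query(name)[12:] + answer
```

With network access, `classify(*parse_a_records(query_dot("1dot1dot1dot1.cloudflare-dns.com", "example.com")))` is the live form of the check; the `sample_response` calls exercise the same parsing offline.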