Free Web-filtering services provide extra protection from malware

Getting infected is especially annoying when you thought you’d fully protected yourself by regularly updating Windows, applications, Flash, Java, and browsers — along with your antivirus software.

If you’re wondering what else you could possibly do (short of pulling your connection to the Internet), I recommend adding Web-filtering services offered by DNS providers.

DNS providers offer free, personal Web filtering

Whenever your PC connects to an ISP, the company updates your gateway/router with the information it needs to connect with the ISP’s Domain Name Services (DNS) servers.

Setting up is relatively easy, as long as you can access your operating system’s network properties or your router’s setup utility.
Symantec’s Norton ConnectSafe, which uses DNS-based filtering to block suspect sites. Like most content-filtering services, ConnectSafe uses site categorization, such as pornography, crime, gambling, and so forth. The easy-to-set-up service has three levels of filtering:

• Policy 1: This base-level filtering blocks malware, phishing sites, scam sites, and Web proxies. For this level, set your DNS entries to 192.153.192.40 and 198.153.194.40.
  
• Policy 2: Medium filtering adds pornography blocking. Set your DNS to 198.153.192.50 and 198.153.194.50.
  
• Policy 3: This stringent filtering blocks a host of sites that Norton ConnectSafe deems not family-friendly, filtering for mature content and other family-unfriendly content. To choose this filtering, use 198.153.192.60 and 198.153.194.60
  

Norton ConnectSafe does not provide custom white/black listings. And with just filtering by category, there’s no guarantee that all objectionable sites or content will be blocked. Also, using the strongest filtering setting might block sites you want to visit or that aren’t objectionable to you. Before committing to ConnectSafe, test that the filtering isn’t too restrictive.

Another consideration: If you change DNS settings in Windows, it applies only to that machine. If you change settings in a router, it applies to all systems that connect to the Internet through that router.

Web/content filtering for small businesses

For now, Norton DNS for Business is still free. DynDNS also offers free filtering for small businesses.

Most likely, these companies use the filtering process to gather information they can apply to their core business offerings. Symantec, for example, sees what websites customers visit. As noted on its privacy policy page, any data it might collect from site visits is discarded after two days. (It cannot view content sent over SSL connections.)

It might be cause for concern that an entity providing security solutions could see the sites you surf to. However, most — if not all — sensitive information should travel over SSL connections.
I’m convinced that using filtering can help keep home and small-business computers free of rogue antivirus and other malware posted on malicious websites. With so many threats coming from browser use, I see this as a security win — and not a privacy issue.