You are reading Maximum PC because you love to build, and tweak your rig. We will gladly spend hours trying to nudge a few extra clock cycles out of our CPUs, but why do so many of us refuse to touch our network settings? The vast majority of users simply plug in their network cables, cross their fingers, and sacrifice an AOL CD to the gods who keep Conficker at bay. Truth be told, without going into too much depth up front, there is a really easy way to boost your surfing speed and it requires very little effort at all. This same tool gives you the ability to customize your internet experience further by creating URL shortcuts, or even filtering content, all without extra software.
The tool we are referring to is Domain Name System, or DNS for short. In a nutshell, DNS is your phone book for the internet. It helps translate a friendly internet domain like www.maximumpc.com, into IP address that our computer needs to find servers on the internet. Each time you visit a new website, a DNS query is issued in the background, and you’re none the wiser. Internet service providers supply DNS to all their customers, but these servers tend to be overpopulated, and certainly aren’t a priority to them because it’s difficult for the average user to measure performance. Power users are intimately familiar with how to benchmark raw connection speeds, but before that even becomes a factor, your machine needs IP address which is supplied by your DNS. Even if your smoking fast Fiber Optic connection can handle 18 Mbps, if your ISP’s DNS server wastes several seconds looking up your favorite website, you connection may be sitting in limbo when you could be surfing instead.
Interested in finding out how to improve the responsiveness of your connection and learning more about your DNS options? Read on.
This step isn’t as easy as it sounds. There are more than 11.9 million DNS name servers in the world today, and some of these represent a significant security threat. You would think that if someone was going to all the trouble of setting up a dedicated DNS server they would keep it up to date. Unfortunately, this isn’t always the case. Some were simply commissioned years ago, and haven’t been touched or updated since launch. It’s worth noting however, that sticking with your ISP’s free default offering isn’t always the best choice either. They are often one of the worst offenders when it comes to defending against new vulnerabilities. Teaching you how to test a DNS server’s performance, and double check their security is something that we will cover in depth later in this article.
The sheer number of choices is overwhelming, but for the lazy readers amongst us who looking for a quick recommendation, OpenDNS is a safe bet. This is a company that has created its entire business around providing you with a flawless, and fast DNS performance. They also offer tons of great customization options which we will cover later, but they aren’t the only guys in town. If you’d rather look around for alternatives, start by surfing over to dnsserverlist.org and take a look at the top three recommended servers for your location. These won’t always necessarily be servers with the lowest ping; there is much more to DNS performance then just your physical distance. The server’s ability to resolve domain names varies greatly based on the platform they are using, and even how busy they are. The recommendations this service makes, takes some of those factors into account.
Select two of the three recommender servers, and get ready to jump to the next step. Don’t worry about the security or speed of your selections just yet. We have a test to address both of these concerns later on.
The easiest and fastest way to get up and running with you new DNS settings is to simply key them into your network cards configuration within the OS. This will get you up and running quickly, but I would only recommend this if you only have a single machine in your network, or if your computer is directly connected to your cable modem without a router. Not having a router is the security equivalent of licking the handrail at a subway station, but if you really don’t have one, this is the way to go. Keep in mind if you ever format your machine, or install a different network card, you will have to go through these steps again. Find the step by step instructions for configuring your OS below. The final step will give you the DNS settings to plug in for OpenDNS, but if you’d rather not use them, you can enter your own choice at the end based on what you decided in Step 1.
Still listening to Ace of Base and can’t find your OS? Click here .
Using your router is the best way to implement your new DNS selection. This allows any machine, or device that connects to your router to enjoy the benefits or content filtering that you have configured.
In general, you can access most consumer routers by opening a new tab in your browser and typing either 192.168.0.1 or 192.168.1.1 . You’ll know this worked correctly when you are prompted for your user name and password to login. If you lost this information, don’t despair, just look for any type of reset button on the device itself to restore it to defaults. Look for a tab named Network or Configuration and look for the section that allows you to enter your DNS. Once done, simply click save and reboot your router.
Here is a list of common routers, and instructions on how to reach your DNS settings.
The Gibson Research Corporation is creating a free DNS benchmarking web application, but unfortunately at the time when this article was written, it wasn’t quite ready for primetime. This tool shows amazing promise and I would suggest checking back at that link often to see the final results.
Until then unfortunately, we’ll have to do this the hard way! Start by downloading the Dig DNS Query Tool . The tool was created by Nicholas Fong , and for those that have been longing to plunge into a DOS box, get ready to get your geek on. Once you have downloaded the .zip file, extract the contents into c:\dig . Before you attempt to run the benchmark tool however, a couple of changes to the programs configuration are required. You can allow us to make these changes for you by downloading a 100kb patch file , or you can make the changes manually. Keep in mind however, that the patch can only be used if you installed the DNS tool in c:\dig, and if Windows is installed in the default directory ( c:\windows). If this is not the case, simply follow the steps below.
**If you wish to make the changes manually, simply open Notepad and direct it to open c:\dig\resolv.conf . Once you have opened this file, simply delete any visible text, then close and save the file. You now need to manually transfer a copy of the file to c:\”your windows directory”\system32\drivers\etc.**
Using Windows XP:
Click Start / Run / Then type “cmd” and press Enter
Using Windows Vista / 7
Click Start / then type “cmd”. When you see the cmd.exe icon appear at the top of your search menu, press Ctrl + Alt + Enter to Run As Administrator
You will then be greeted with a command line interface where you can type the commands listed on each line below. Keep in mind you need to press Enter at the end of each line.
patch.bat (only if you installed the patch without making the changes manually)
You can now test out performance by entering known, or unknown domain names. For example:
dig maximumpc.com NS
dig twitter.com NS
dig lolcats.com NS
You will start to notice that if you query a domain that you have visited recently, the IP address may be pulled from cache rather than the DNS servers and won’t give you fair results. You should query domains that you know you’ve never visited to get a clear picture. Just about every single word in the English language has been claimed on “.com”, use your creativity to come up with your own examples, and if that doesn’t work just Google something and note the URL’s on the results.
You can also query a list of top level domain servers.
dig com. NS
dig net. NS
dig us. NS
You can now go back and change your DNS server using steps 2 or 3 until you find the best result. Keep in mind that the best time to really test your new DNS server is during prime surfing hours, this is traditionally in the early evening. You ISP may turn in decent results in off peak hours, but buckle under the weight of its entire subscriber base. The internet is a chaotic place, the more factors you can take into account during your testing, the better. Once you’re pleased with the performance, you can move on to the next stage of your testing, security.
DNS servers have been in the news lately with terrible exploits that can snag even the most experienced power users. A new hack known as Cache Poisoning allows remote users to actually change the IP addresses of certain domains. For example, you could click on your address bar, type in www.bank.com , but instead of heading to your banks website, you are redirected to a phishing site. The URL in your address bar would look normal, but unless you know to check your SSL certificates, you might not be where you think you are!
Thanks again to the tireless efforts of Steve Gibson at GRC Corporation; a free and handy web utility now exists to test your DNS server’s resistance to Cache Poising. Simply scroll down to the bottom of the page, and click the large box near the bottom that says Initiate Standard DNS Spoofability Test . Having problems? Certain routers have been known to crash during the procedure. To identify if this is your problem, run the Crash Test .
If you’re happy with the speed boost, and if the spoofability test hands you back a passing grade, congratulations your off and running!
Any third party can provide DNS service, but what sets OpenDNS apart from the crowd is the services they offer. In addition to being one of the most secure DNS providers, if you take the time to register for a free account , you gain access to their premium features which include:
1.) Stats - If you enable this feature (disabled by default) you can get detailed statistics on your network activity. This can be extremely useful if you manage several machines in an office environment and you need to keep an eye out for slackers. It can also be helpful in a home environment when you want to make sure little Timmy is really reading Wikipedia, and not killing time on Facebook. The OpenDNS privacy statement also explicitly states that under no circumstances will they ever sell your statistical information to third parties.
2.) Shortcuts – Bind words to URL’s. Have you ever wished you could type “max” into your address and be instantly linked to your favorite PC website? That was a rhetorical question, of course you have! Simply think of a word, give OpenDNS the URL and make bookmarks a thing of the past.
3.) Filtering – By clicking the Settings tab in main menu, you will gain access to one of the most powerful features of OpenDNS, content filtering. From here you can customize exactly what users of your network will have access to, by either blocking specific websites, or simply protect yourself by blocking malicious websites. You can choose minimal which will protect you and the users of your network from phishing attacks, all the way up to high which will filter adult, illegal, or any other time wasting websites (except MaximumPC!). For those looking for protection somewhere in-between the two extremes, several other settings can be chosen, or you can create your own rule set by selecting Custom.
Changing your DNS server is a simple and proven way to improve your surfing speed without paying your greedy ISP an extra cent. OpenDNS is a great choice if you’re looking for rock solid performance and excellent security, but for those who care to take the extra time to benchmark and test, you’re sure to find something a bit faster if raw performance is your goal. With 11.9 million choices, how much time you invest in your search is entirely up to you.
Title Image Credit (4aad.com)