Does Norton ConnectSafe (DNS) really work?

Discussion in 'other anti-malware software' started by Anguel, Jan 7, 2016.

  1. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Hi!

    So far I used OpenDNS servers as a first layer for malware blocking. However, I have never seen it blocking anything so it is hard to say how efficient it was.

    Now I read that Norton DNS should be good, because Norton is an AV company and has a large Norton SafeWeb database. This is what they say about their ConnectSafe DNS service:
    "Real-Time Protection: Norton ConnectSafe leverages the power of Norton Safe Web, which contains information on millions of Web sites accessed billions of times each day."

    So I gave it a try yesterday. To test I looked at their SafeWeb Buzz https://safeweb.norton.com/buzz listing all the new threats. Unfortunately, ConnectSafe DNS did not block any of the domains I pasted from SafeWeb Buzz. Fortunaley, Kaspersky AV caught most of them :)
    So I wonder if the advertised SafeWeb blocking really works... Any comments are welcome!

    Anguel
     
  2. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    455
    Location:
    CSA Consulate, Glos., UK
    you need to sign up for an account at opendns, and manage your network blocking.add your network ip and select what categories you want blocked, add blaclist/whitelist domains, etc

    you need to update it manually if your ip changes, tho some routers have a dynamic dns setting to do it for you, or you can use opendns' windows background app. you can even set up your own reporting messages that appear if you hit a bad url.

    norton has three levels of blocking, A thru C with increasingly more categories blocked which level did you set your dns to in the windows adapter settings?

    i use a custom mvps host file for prelim blocking, as well as a periodically updated ip blocklist from bluetack in my outpost firewall, and top it off with eset smart security's antimalware and antivirus, hips, etc. (eset firewall off).
     
  3. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    I set up Norton for cat A - malware blocking only, nevertheless phishing sites from their SafeWeb should be blocked. Have you tested if this is the case?
     
  4. Works for me

    upload_2016-1-7_17-42-7.png
     
  5. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    455
    Location:
    CSA Consulate, Glos., UK
    no, i'm not a norton fan. the only test i did was to run google's namebench & it was slower than opendns, so it was removed. got tired of opendns, their categories are rather loose & i got tired of it blocking stuff where i thought they shouldn't. also a pain to manually update the IP if you are dynamic and their resident utility can be a pain. if they allowed you to reference a domain name rather than an ip, i might still use them.

    p.s. - my system blocks inputcomp .com
     
    Last edited: Jan 7, 2016
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I use VeriSign's new retail free DNS. Same protection as their commercial paid service. Supports IPv4 & IPv6; Norton only supports IPv4. Also VeriSign DNS uses DNSSEC. No fancy displays or anything, just blocks the connection which is perfectly fine with me.
     
  7. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    455
    Location:
    CSA Consulate, Glos., UK
    might try that. :)


    just change your dns to these ip's.
    64.6.64.6
    64.6.65.6
     
    Last edited: Jan 7, 2016
  8. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Hmm, I tested from two different ISPs here in Germany: entering www.inputcomp.com keeps Firefox and Chrome spinning (wating) but I don't see any ConnectSafe page...

    UPDATE: Now it worked for
    adamcdonalds.com
    I finally got a SafeConnect warning page there.
     
    Last edited: Jan 8, 2016
  9. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    VeriSigns seems to indeed block the latest malware links listed on Nortons SafeWeb page, although they don't advertise malware scanning for their free public DNS. Interesting :)

    BTW: Do you mean Verisign DNS Firewall when talking about their "commercial paid service"? And do you think that their database is comparable to Norton's?
     
    Last edited: Jan 8, 2016
  10. Thx, trying it now
     
  11. Nope, IT DOES NOT STOP THEM

    I tried a page which is blocked by Norton, it redirects to a phony questionaire, which let me win € 500 for the price to claim I just had to enter my details. After entering phony details, I was asked to send an SMS, they will charge you 12 € (see upper right corner in black) when you send that SMS. Greed is such a great incentive :argh:

    upload_2016-1-8_13-38-28.png
    Back to Norton again :eek:
     
  12. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Can you please provide a link to test here?
     
  13. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Yes. They don't claim to be a rep scanner or the like. Their main claim is "Privacy" and blocking redirects to ad web sites. Of course, the main protection is secure DNS resolution:

    Verisign Public DNS is a free DNS service that offers improved DNS stability and security over other alternatives. And, unlike many of the other DNS services out there, Verisign respects your privacy. We will not sell your public DNS data to third parties nor redirect your queries to serve you any ads.
     
  14. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Unfortunately, I experienced serious slowdowns on multiple sites for some reason - looks like this was related to Verisign DNS :( Switched back to Norton DNS for now.
     
  15. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,340
    Location:
    Québec, Canada
    I used the DNSBench from Gibson Research (grc.com) and OpenDNS was in the top 5 for speed.
    Verisign was slower.
    I did test NortonDNS a few months ago and it was really slow.
     
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I have noticed a noticeable lag in initial connection to some out of country(U.S.) web sites. I assume this might be security related. Not a big deal for me.
     
  17. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    These sites are redirects. If you use 'Request Policy' you'll see the popup to redirect
    and if you choose to allow then Norton ConnectSafe blocks it. You can block with RP to.
     
  18. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    Norton ConnectSafe works,
    but it takes up to 20sec. to display warning page.
    Sometimes even more.

    From my location, in south-west Germany, it takes more than 30 hops to primary and secondary Norton DNS server.
    Frequent timeouts make this a no-go.

    But, normal DNS resolution works, without noticeable delay...:confused:
     
    Last edited: Jan 8, 2016
  19. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    A ok, so I experience the same problems here in central Germany obviously. Unfortunately, Verisign DNS seems to have some very serious delay with some forums or youtube embedded videos. So I will stick with Norton for now, although it does not work as advertised.
     
  20. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Do I understand correctly that you are talking about the paid Norton ConnectSafe? I have only tried the free one so far.
     
  21. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Regardless of DNS provider used, you should always check its "spoofabilty" status. You can use GRC's web site to do that: https://www.grc.com/dns/dns.htm . Your test results for all servers used should be "excellent." Also while at the GRC web site, you can download their small portable DNS benchmark utility. This can be used to verify your DNS provider performance.
     
  22. Results for Norton DNS from Netherlands

    upload_2016-1-9_17-2-51.png
     
  23. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    I used https://code.google.com/p/namebench/ for testing, it is able to find local fastest DNS, but fastest is not always the best. :isay:

    As for OpenDNS, I like the settings it provides, not just filtering, which is impossible on a shared IP.
     

    Attached Files:

  24. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    This would be the free Norton DNS servers that are available in 3 policies.
     
  25. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Norton Connectsafe has never warned me of anything. I am not a registered member if that makes a difference?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.