Norton ConnectSafe DNS is Retiring

Discussion in 'other anti-malware software' started by enemyofarsenic, Aug 11, 2018.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    Oh no, I believe OpenDNS will collect data.
     
  2. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,370
    yeah, none of the big players are any different than the others. they all collect data and use it for revenue-generating (ads, selling data to 3rd parties, etc) or other purposes. some do it discreetly, some blatantly.
     
  3. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
  4. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Have used Norton ConnectSafe in the past. Has 3 levels you can choose
    from for blocking content. Better alternatives out there?
     
  5. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,370
    you can try yandex dns. it has the same three-level model.
     
  6. Becho

    Becho Registered Member

    Joined:
    Oct 16, 2007
    Posts:
    32
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
  8. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    3,855
    Location:
    Nebraska, USA
    That's not really running your own DNS. It puts yet another "man-in-the-middle" between you and where you want to go. That adds latency (delays). If you look at the flow chart in that link, it then takes your query to 1.1.1.1, OpenDNS or Google Public DNS. At least Pi-Hole correctly admits the major drawback to this process, "traversing the entire path maybe be slow". Yeah, with a 1/2 dozens extra steps in the process, that makes sense. A bit ironic since FTL stands for "faster than light".

    Still, Pi-Hole is worth keeping an eye on! :)
     
  9. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,465
    Location:
    Member state of European Union
    You didn't understand text in that link. There are two flowcharts and Becho refers to second. Configuring according to second flow chart means own recursive DNS server is used instead of some Big Company nameserver. This approach have both advantages and disadvantages compared to using i.e. 1.1.1.1.
     
  10. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    3,855
    Location:
    Nebraska, USA
    I understand it. It puts a man-in-the-middle.

    I am not saying that is necessarily bad, but it will indeed, as he noted, slow the process down, at least until the necessary white lists are created.

    The idea of that pi-hole process is not speed. It is blocking ads - ads that can result in using up mobile devices monthly data allotments.
     
  11. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,465
    Location:
    Member state of European Union
    It just places that recursive server on private hardware owned by user rather than Cloudflare or other Big Company infrastructure.
    It adds man-in-the-middle server locally, but removes one remote man-in-the-middle server.
     
  12. Becho

    Becho Registered Member

    Joined:
    Oct 16, 2007
    Posts:
    32
    I was referring to the second chart. I have been using this pi-hole/recursive dns with Unbound for the past month & have had an excellent experience. No slow downs whatsoever unless the site is so brand new that it has never been queried ever but like they said maybe 1 second look up, then added to the pi-hole cache. I only posted to say that I once did use Norton for a while & bounced between my isp, Quad9 & the G. Once I bought my $44 Pi I learned how my DNS queries are now mine & the adblocking is a bonus. My home network feels so much more robust. Also, Pi-hole with FTL is out of beta.

    Honestly though I’m pretty sure my isp has some tricks up it’s sleeve & maybe this is just snake oil & they are able to see what I see, hopefully not though.
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,303
    Location:
    Italy
    Hi.
    After reading the report below:

    https://www.wilderssecurity.com/threads/dns-protection-services-april-2018-tests.403851/

    I did some tests using the PhishTank database:

    With only valid phish URLs:


    302.JPG

    I have considered:

    1) Yandex DNS
    2) Open DNS
    3) Quad9 DNS

    In my small test the Open DNS were the best ones to stop URLs to Phishing content.
    If you have a different opinion, I'm happy to read your thoughts.
    :thumb:
    TH.
     
  14. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,187
    Location:
    USA still the best. But barely.
    I use Simple DNSCrypt.

    https://www.majorgeeks.com/files/details/simple_dnscrypt.html
    "Simple DNSCrypt provides you with a simple tool for making sure that your DNS queries are securely encrypted.

    It is intended to work as an uncomplicated way to block any 3rd party from attempting to penetrate your privacy by snooping on your DNS traffic. And keep in mind that unsecured DNS traffic can also be vulnerable to man-in-the-middle attacks.

    Simple DNSCrypt is a cinch to set up, all that is required is the selection of the network card that requires protection and then you choose a DNS proxy. From there Simple DNSCrypt will automatically configure the rest by ensuring that DNS queries performed by your network card will utilize the localhost."
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.