Safe DNS – Encrypting DNS for a Safe Online Experience

The Domain Name System (DNS) has been around since the conception of the internet. It is the most popular, under appreciated, technology that powers the web. What I call a critical piece of the fabric of the web.

 

Without it, we would have to remember things like 137.220.48.110 vs cleanbrowsing.org. Take a moment to visualize those marketing campaigns. Needless to say, Paul Mockapetris saved us from ourselves when he created the DNS.

 

This platform, however, was built at a time where we were enthralled with creating cool things and payed less focus on the importance of "security".

 

Thankfully, a lot has changed over the recent years and there have been massive new technologies, like encryption, have been  introduced that help us create a more secure, safe, DNS.

 

4 Options to Create a Safe DNS

Below are four distinct ways organizations, and individuals, can take control of creating a safe DNS environment for their devices.

 

Option Description
DNSSEC Introduced in 2004 to protect DNS resolvers by ensuring that an attacker is unable to forge DNS data when requested (i.e., it was trying to solve the falsification problem).
DNSCrypt Introduced to tackle the threat of a Man-in-the-Middle (MiTM) problem by doing to DNS traffic what SSL/ TLS did to HTTP – wrapping the traffic in a tunnel of encryption using HTTPS specifically.
DNS-over-HTTPS (DOH) Introduced in 2016 to tackle the threat of a Man-in-the-Middle (MiTM) problem by doing to DNS traffic what SSL/ TLS did to HTTP – wrapping the traffic in a tunnel of encryption using HTTPS specifically.
DNS-over-TLS Introduced in 2016 to tackle the threat of a Man-in-the-Middle (MiTM) problem by doing to DNS traffic what SSL/ TLS did to HTTP – wrapping the traffic in a tunnel of encryption using TLS specifically.

Yes, the last three pretty much do the same thing, each one doing it a little differently than the other. All, however, focused on ensuring communication is kept safe as it moves from your device to the rest of the internet.

CleanBrowsing Helps Create a Safe DNS

Whether you're using our Free filters or our Paid filters know that you have access to all methods of creating a safe DNS in your envionrment. In all our configuration pages you will find instructions on how to configure the different encryption options discussed above (with exception to DNSSEC that doesn't apply to our service).

Content Filtering w/CleanBrowsing

CleanBrowsing provides a cost-effective DNS-based Content Filtering service that blocks access to unwanted content like malicious sites and online pornography.