Recently, renowned researchers from Tel-Aviv University and Reichman University conducted a groundbreaking study on DNS resolvers and distributed denial-of-service (DDoS) attacks. Their research uncovered a severe complexity attack called NRDelegationAttack, which poses a significant threat to DNS resolvers. This attack can exhaust CPU resources and cause denial of service to legitimate users.

The study identified major resolver implementations, including BIND9, Unbound, and Knot, as vulnerable to NRDelegationAttack. The researchers issued three common vulnerabilities and exposures (CVEs) related to this attack. Testing on 16 open resolvers confirmed their susceptibility.

SafeDNS stands out as the web filtering solution with the most sustainable infrastructure, as confirmed by the provided data. In comparison to other major DNS resolvers, SafeDNS demonstrates exceptional performance in maintaining low latency and minimizing latency increase percentages.

According to the test results, SafeDNS exhibits remarkable consistency, with a mere 4.65% increase in latency from the first NXNS Attacker. This outstanding performance significantly outperforms many other resolvers, ensuring users experience minimal delays and enjoy a seamless browsing experience.

Moreover, when facing the NRDelegationAttack Attacker, SafeDNS experienced an increase of 5812.8% in latency, surpassing the performance of several other DNS resolvers. Notably, some of the other resolvers encountered ClientTimeout errors in response to the NRDelegationAttack Attacker, highlighting the robustness and reliability of SafeDNS.

These results underscore SafeDNS’s commitment to providing a sustainable infrastructure that delivers exceptional performance, security, and stability. Users can rely on SafeDNS to navigate the internet securely and efficiently, while experiencing minimal latency and maintaining a seamless browsing experience.

To learn more about this groundbreaking research, including detailed analysis and findings, please refer to the full research article.

Start using SafeDNS for free

Take advantage of the SafeDNS trial period and try all the best features

The Myth: DNS Servers and Improved Ping

When it comes to gaming, some individuals believe that by using specific DNS servers, they can significantly reduce latency and enhance their gaming performance. The idea behind this belief is that connecting to nearby or faster DNS servers will result in quicker resolution times, leading to improved connection speeds and reduced ping during gameplay. However, this assumption oversimplifies the complexity of network performance.

The Reality: Minimal Impact on Ping

While it may seem logical that connecting to optimized DNS servers would lead to improved gaming performance, the reality is that DNS resolution has limited impact on reducing ping or enhancing overall gaming latency. In most cases, the time it takes to resolve DNS queries is minimal compared to other factors influencing latency, such as the speed and quality of your internet connection, server distance, and network congestion.

To put it simply, even if you were to connect to the fastest DNS servers available, the improvements in ping would be marginal, if noticeable at all. The primary focus should be on addressing the factors that have a more significant impact on gaming performance.

Alternative Solutions for Enhanced Gaming Experience

To optimize your gaming experience, consider the following alternative strategies that have a more substantial impact on reducing latency and improving overall performance:

1. Internet Speed and Quality:

Start by checking the speed and quality of your internet connection provided by your ISP. Ensure that you are subscribed to a plan that offers sufficient bandwidth and low latency for gaming. If necessary, consider upgrading to a higher-speed plan or exploring alternative internet service providers in your area.

2.  Network Optimization:

Optimize your network settings for gaming to reduce latency and improve stability. Here are a few steps you can take:

• Utilize a wired connection instead of relying on Wi-Fi, as wired connections tend to offer lower latency and better stability.
• Close bandwidth-intensive applications or downloads running in the background, as these can hog network resources and negatively impact your gaming experience.
• Configure your router for gaming traffic, which may involve enabling Quality of Service (QoS) settings or prioritizing gaming traffic over other types of network traffic.

By implementing these alternative solutions, you can make significant improvements to your gaming experience without relying solely on specific DNS servers.

While the myth persists that using specific DNS servers can dramatically improve gaming performance, the reality is that DNS resolution has limited impact on reducing ping or overall gaming latency. Instead, prioritize factors such as internet speed and quality, as well as network optimization, to enhance your gaming experience. By focusing on these essential aspects, you can effectively optimize your gaming setup and enjoy a smoother and more enjoyable gaming experience.

How does it work?

SafeDNS User Administration allows you to create sub-accounts, namely Administrators and Auditors, to manage your primary account efficiently and securely. Administrators have their own unique login and password and possess all the permissions of the main account, except for the ability to create additional Administrators. Auditors also have their own login and password but are limited to accessing the Stats page only. They can view logs and statistics but cannot modify any settings on the dashboard. 

Note: Please be aware that Administrators and Auditors are intended for use with the Dashboard interface only and are not compatible with the SafeDNS Agent application.

Why is it important?

Enhanced Security: User Administration enhances security by granting specific access privileges to sub-accounts. With well-defined roles and permissions, you can reduce the risk of unauthorized access and potential data breaches. Implementing the principle of least privilege ensures that users only have access to the resources necessary for their tasks, strengthening overall security.

Efficient Account Management: Delegating account management tasks to Administrators allows for more efficient user onboarding, offboarding, and ongoing management. Administrators can quickly provision new accounts, adjust permissions, and remove access when necessary. This streamlines administrative processes and password management, leading to improved productivity and reduced administrative overhead.

Accountability and Compliance: User Administration contributes to accountability within your organization. By tracking all account actions, the comprehensive logging system provides a clear record of user activities, changes made, and the responsible sub-account. This level of accountability is crucial for regulatory compliance, internal auditing, and forensic investigations.

What are the logs for?

SafeDNS also provides a comprehensive logging system that captures and stores important user actions within the dashboard. The logs include details such as login/logout events, configuration changes made by the main administrator, sub-administrators, and auditors. These logs track activities such as enabling/disabling features, adding/removing entries in Allow/Deny lists, and more.

Additionally, we have created a helpful video tutorial that provides detailed instructions on how to set up the User Administration feature. This video will guide you through the process, ensuring a seamless implementation of sub-accounts for efficient account management. You can find it here.

SafeDNS User Administration and logging features offer a robust solution for effective account management and enhanced security. By delegating responsibilities through sub-accounts and leveraging detailed logging capabilities, organizations can streamline operations, maintain accountability, and ensure compliance. Explore the power of User Administration and logging with SafeDNS to fortify your network’s security and efficiency.

We are delighted to share the news of our remarkable achievements in 2023 with Capterra. We are proud to have received multiple awards, including recognition in two categories this year: Emerging Favorite in Endpoint Protection and Cloud Security.

SafeDNS has been highlighted as a highly-rated product in the  Cloud Security Software category of Software Advice’s FrontRunner Report 2023.

We have also earned a spot in the Capterra Shortlist for endpoint protection.

Here’s our placement in the Grid report:

We are grateful to our clients for making this achievement possible! We have received exceptional reviews on Software Advice:

“Very easy to install and integrate. The service allowed for more flexible options – such as a longer whitelist of websites – as well as less complicated than Cisco Umbrella.” [Edward]

“Safedns does a great job of making DNS based administration quick and easy. Safedns also does a great job of allowing administrators to define a list of allowed sites and deny everything else. Some of the big players in this space surprisingly don’t have this functionality.” [Troy]

This award recognizes exceptional companies and products with a significant amount of recent favorable user reviews that puts them in the top tenth percentile of highly reviewed products on SourceForge.

At SafeDNS, we are committed to providing our customers with the best web filtering solutions that keep them and their businesses safe online. Our cloud-based platform offers comprehensive protection against malicious websites, phishing, and other online threats, while also allowing users to customize their browsing experience based on their unique needs.

Great support and very effective system. Easy to setup for a multi-site company with many simple to use features and good written support materials. [Leonides Daniel C.]

We would like to thank all of our customers who took the time to share their positive experiences with SafeDNS on SourceForge. Your feedback and support are what drive us to continuously improve our products and services.

How Does DNS Blocking Work?

Well, when a user types a website’s URL into their web browser, the request is sent to a DNS server to resolve the domain name into an IP address. DNS blocking works by intercepting this request and checking the domain name against a predefined blocklist or denylist. If the domain name is found on the blocklist, the DNS server responds with a blocked message instead of the IP address, preventing the user from accessing the website.

What Happens if a Website is on Both the Allow and Denylist?

It’s important to note that if a website is on the denylist, it cannot be added to the Allowlist, and vice versa. This is because the two lists work in opposite directions, with one blocking access and the other allowing it. Additionally, if a website you are trying to add to either list is already blocked by an AppBlocker, you will receive an error message. In this case, you will need to remove the site from the AppBlocker’s blocklist before adding it to the desired list.

How to Check if a Website is Blocked?

If you’re unsure whether a website is blocked, there is a way to check it by using the nslookup command in the command prompt. If the website is blocked, nslookup will respond with the IP address of the block page. On the other hand, if the website is not blocked, nslookup will respond with the actual IP address of the website. For more detailed instructions, check out our article.

However, keep in mind that it may take 5-7 minutes for the DNS cache to update and the blocking to take effect.

In conclusion, DNS blocking is an effective way to protect your network and users from online threats. By blocking specific domain names, you can prevent access to malicious websites, adult content, and other unwanted online resources. And with the right configuration, you can ensure that your users have access to the websites they need while blocking those they don’t.

What Kind of Stats Do We Offer?  

SafeDNS statistics feature provides users with detailed insights into their internet activity, including information on blocked requests, blocked categories, blocked domains, and more. This information is presented in an easy-to-read format, allowing users to quickly identify potential threats and take appropriate action to protect themselves.

Can We Export Them?

Yes, SafeDNS statistics can be easily exported to CSV format, making it easy to share this information with other stakeholders or analyze it in more detail using third-party software.

Are There Monthly Reports?

Yes, SafeDNS provides monthly reports that summarize internet activity for the previous month. These reports are customizable, allowing users to select the specific data points they want to include, and can be automatically generated and sent via email.

How Long Are Stats Archived For?

SafeDNS statistics are archived for up to 12 months, allowing users to track trends and identify patterns in their internet activity over an extended period.

What’s the Difference Between Detailed and General Stats?

SafeDNS provides two types of statistics: general and detailed. General statistics provide an overview of internet activity, including the number of requests, blocked requests, and blocked categories. Detailed statistics provide more granular information, including the specific domains and URLs that were blocked.

How Long Does it Take for the Stats to Update?

SafeDNS statistics are updated in real-time, within 5-7 minutes of internet activity. This implies that users can swiftly detect possible threats or suspicious actions and counteract or block them before they develop into a more significant concern.

In conclusion, the SafeDNS statistics feature is a valuable tool that provides users with insightful data about their internet activity. With the option to customize, archive, and export reports, this feature is useful for both individuals and organizations to enhance their online security and make informed decisions regarding their internet usage.

The course is divided into modules, each covering a specific topic related to web filtering and SafeDNS. Some of the topics covered include:

• Introduction to web filtering
• Creating allowlists and denylists
• Setting up custom filtering rules
• Monitoring network activity
• SafeDNS dashboard settings and configuration

To complete the course, you’ll need to create a SafeDNS account. Once you’ve registered, you’ll have access to the SafeDNS dashboard and be able to follow along with the course material. The course is designed to be self-paced, and you can complete the modules at your own convenience.

Upon completion of the course, you’ll receive a certificate of attendance, which demonstrates your expertise in web filtering and SafeDNS dashboard settings. This certificate can be valuable for IT professionals who want to demonstrate their expertise to employers or clients.

Overall, the SafeDNS course on the basics of web filtering and SafeDNS dashboard settings is an essential resource for anyone who wants to maintain a secure online presence. Whether you’re a small business owner or an IT professional, the course will teach you the fundamentals of web filtering and how to use SafeDNS to protect your network from online threats. So, register today and start learning!

What is a Firewall?

A firewall is a security system designed to monitor and control incoming and outgoing network traffic based on predefined security rules. Firewalls can be implemented at different levels of the network, including the hardware level, operating system level, and application level. Firewalls can block unwanted traffic, detect and prevent unauthorized access, and protect against malware and other security threats.

What is Content Filtering?

Content filtering refers to the process of blocking or allowing access to certain types of content based on predefined criteria. Content filtering can be done at the network level or at the endpoint level, and can be based on a variety of factors, including keywords, categories, file types, and more. Content filtering is often used to block access to inappropriate or harmful websites, or to prevent employees from accessing non-work-related content during work hours.

What is DNS Filtering?

DNS filtering is a type of content filtering that is based on domain name system (DNS) queries. DNS filtering works by intercepting DNS queries and determining whether to allow or block the requested domain based on predefined criteria. DNS filtering can be used to block access to known malicious domains, prevent access to specific categories of content, and enforce company policies related to internet usage.

Why do DNS filters and DNS Firewalls get mixed up?

One reason for the confusion between DNS filtering and DNS firewall is that both technologies operate at the DNS level. However, while DNS filtering is a type of content filtering that focuses on blocking or allowing access to specific domains, DNS firewalling is a more comprehensive approach that involves blocking or allowing traffic based on a wide range of criteria, including IP addresses, ports, protocols, and more. In essence, DNS filtering is a subset of DNS firewalling, but the two terms are often used interchangeably, which can lead to confusion.

Are they the same or different, then?

While DNS filtering is often referred to as a DNS firewall, this is not entirely accurate. A DNS firewall is a security system that is designed to prevent attacks that exploit DNS vulnerabilities, such as DNS cache poisoning or DNS amplification attacks. DNS filtering, on the other hand, is a content filtering technology that is designed to block or allow access to specific domains based on predefined criteria. While both technologies operate at the DNS level, they have different purposes and should be referred to using the appropriate terminology.

It’s crucial for cybersecurity companies to have a clear understanding of what “DNS Firewall” really means and to ensure that they can deliver exactly what their clients expect from them, without any confusion or uncertainty. While this term is used in many definitions and contexts, it can sometimes be difficult to know exactly what you’re getting. That’s why it’s important to choose a cybersecurity provider that you can trust to provide the services they promise. At SafeDNS, we started out as a content filter, and we have built our reputation on being transparent and delivering exactly what we say we will. When you work with us, you can have confidence that you are getting the protection and security you need, without any guesswork or uncertainty. Choose SafeDNS and let us help you stay safe and secure online.

If you’re interested in protecting your network and employees from harmful content and malicious domains, sign up for a free trial of SafeDNS today.

SafeDNS AppBlocker is a web filtering tool that enables precise control over your filtering settings, making it an excellent option to consider. SafeDNS AppBlocker has a list of 100+ apps divided into 14 groups for easier management, making it easier to block specific apps or ecosystems.

With SafeDNS AppBlocker, you can block individual apps or entire ecosystems or groups of apps/ecosystems. This gives you complete control over what apps are accessible, ensuring that you and your users are protected from harmful content and potential security threats.

AppBlocker VS. Categories

AppBlocker settings have a higher priority than Category settings in SafeDNS, which means that if an app is blocked by AppBlocker, that setting will override any Category settings that apply to the same app.

For instance, let’s say you have allowed access to social media apps by Categories settings, but you have also blocked access to Instagram by AppBlocker. In this scenario, Instagram will be blocked, even though it belongs to a category that is allowed.

It’s crucial to note that AppBlocker works one way only. If an app is blocked by Category settings, AppBlocker won’t allow access to that app. In such cases, it’s better to use the Allowlists to explicitly allow access to specific apps, regardless of their category.

AppBlocker VS. Allow/Denylists

AppBlocker functionality works alongside the Allow/Denylists to provide granular control over app and website access. While AppBlocker offers a more flexible approach to web filtering by allowing you to block individual apps or entire ecosystems/groups of apps, the Allow/Denylists enable you to explicitly allow or block specific websites or apps, irrespective of their category.

One crucial thing to note is that the Allow/Denylists have a higher priority than AppBlocker settings. This means that if a group of apps is blocked by AppBlocker, but an app from this group is in the Allowlist, the user will have access to the app because the Allowlist settings take precedence.

Whether you want to block social media apps during work hours, prevent access to gambling or adult content, or simply manage app usage, SafeDNS AppBlocker is the perfect solution. Its easy-to-use interface and customizable features make web filtering a breeze, helping you stay safe and secure online.