HKCert
HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

HKCERT logo Hong Kong Computer Emergency Response Team Coordination Centre

Security Guideline

How to configure your Windows PC to use the secure DNS service? (For home users only)

Release Date: 10 / 07 / 2018
Last Update: 02 / 08 / 2018
Table of Contents:

 

Many security incidents are used to lure user to access the malicious site via a phishing URL or malware background execution. To avoid and protect your personal computer, you could configure your DNS service as follow:

 

Prerequisite

Local admin right is required in order to go through the following steps.

 

Window 7

  1. From the “start menu”, click “Control Panel”, and then click “View network status and tasks” under “Network and Internet”. (Tips : Make sure “View by: Category”)
  2.  

  3. Click “Change adapter settings
  4.  

  5. Assume that you are using wired network, Right click the “Local Area Connection” and select “Properties
  6.  

     

  7. Highlight “Internet Protocol Version 4 (TCP/IPv4)”, and click “Properties”.
  8.  

  9. Under “General” tab, select “Use the following DNS server addresses:”. Enter the IP of DNS to “Preferred DNS server: “and “Alternate DNS server:”. If you have done the configuration, click “OK” to confirm.
  10.  

  11. Done.

 

Window 10

  1. From the “start menu”, click “Settings”.
  2.  

  3. Select “Network & Internet
  4.  

  5. Select “Change adapter options” (Tips: make sure “Status” tab is selected)
  6.  

  7. Assume that you are using wired network, Right click the “Ethernet” and select “Properties
  8.  

  9. Highlight “Internet Protocol Version 4 (TCP/IPv4)”, and click “Properties”.
  10.  

  11. Under “General” tab, select “Use the following DNS server addresses:”. Enter the IP of DNS to “Preferred DNS server: “and “Alternate DNS server:”. If you have done the configuration, click “OK” to confirm.
  12.  

  13. Done.

 

 Common secure DNS services 
ProviderPrimary IPSecondary IPwebsite
Cloudflare1.1.1.11.0.0.1https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/
Comodo8.26.56.268.20.247.20https://www.comodo.com/secure-dns/
Google8.8.8.88.8.4.4https://developers.google.com/speed/public-dns/faq
Quan99.9.9.9149.112.112.112https://www.quad9.net/faq/
OpenDNS (Cisco)208.67.222.222208.67.220.220https://www.opendns.com/setupguide/