One of the biggest problems in today’s network security is users surfing on the Internet. I’m not against offering Internet access at work place or schools, for example, but I believe that some measures should be taken by the network administrators to limit the users from being able to access (intentionally or not) the webpages with threatening content (hijack, malware, spyware and so on…).
If big corporation have the money to invest in security development and devices, than the SOHO business would rather invest those money in something else. Sometime ago, I was having in my home a small network meaning on one PC and a notebook in my apartment and some few devices in other friend flat from the same building. Since the other partners that I was sharing the network with, where not so familiar with the bad things on the Internet, I had to come with a solution to limit the monthly problems with strange software being installed on their PCs after a night of web surfing. You know what I talking about, right? Nice banner pop-up, user click on it then something like spyware getting installed on his/her device.
Instead of investing in some firewalls, or configuring a Linux machine to filter traffic, I let some smart machines to filter my traffic: Domain Name Servers. So, I arrived at opendns.com. Free service that let you use their NS services, provide you with stats and filtering. Exactly what I needed. From that point everything was easy. I announced their NS IP addresses in my home network from our Cisco router through DHCP as default DNS servers, and I was protected. I assume that you also have a Cisco device, but if not, please have a look here where you might find your device and how to configure it.
Please click on the image below to see the presentation: