It makes the web go round.
Did you know you could be connected to facebook.com — and see facebook.com in your browser's address bar — while not actually being connected to Facebook's real website? To understand why, you'll need to know a bit about DNS.
DNS stands for "Domain Name System". DNS servers match domain names to their associated IP addresses. When you type a domain name into your browser, your computer contacts your current DNS server and asks what IP address is associated with the domain name. Your computer then connects to the IP address and retrieves the right web page for you.
As a more concrete example, DNS servers translate web addresses (like www.howtogeek.com) into their IP addresses (like 23.92.23.113) so users don't have to remember strings of numbers for every website they want to visit. The Domain Name System (DNS) underpins the web we use every day. It works transparently in the background, converting human-readable website names into computer-readable numerical IP addresses. DNS does this by looking up that information on a system of linked DNS servers across the Internet. However, different DNS servers can behave differently in terms of speed and security.
The DNS servers you use are likely provided by your Internet service provider (ISP). If you're behind a router, your computer may be using the router itself as its DNS server, but the router is forwarding requests to your ISP's DNS servers.
Computers cache DNS responses locally, so the DNS request doesn't happen every single time you connect to a particular domain name that you've already visited. Once your computer has determined the IP address associated with a domain name, it will remember that for a period of time, which improves connection speed by skipping the DNS request phase.
Domain names are the human-readable website addresses we use every day. For example, Google's domain name is google.com. If you want to visit Google, you just need to enter google.com into your web browser's address bar.
However, your computer doesn't understand where "google.com" is. Behind the scenes, the Internet and other networks use numerical IP addresses. One of the IP addresses used by Google.com is 172.217.0.142. If you typed this number into your web browser's address bar, you'd also end up at Google's website.
We use google.com instead of 172.217.0.142 because addresses like google.com are more meaningful and easier for us to remember. IP addresses are also known to change, but the DNS servers keep up with that new information. DNS is often explained as being like a phone book, where you look up someone's name and the book gives you their phone number. Like a phone book, DNS matches human-readable names to numbers that machines can more easily understand.
Some viruses and other malware programs can change your default DNS server to a DNS server run by a malicious organization or scammer. This malicious DNS server can then point popular websites to different IP addresses, which could be run by scammers.
For example, when you connect to facebook.com while using your Internet service provider's legitimate DNS server, the DNS server will respond with the actual IP address of Facebook's servers.
However, if your computer or network is pointed at a malicious DNS server set up by a scammer, the malicious DNS server could respond with a different IP address entirely. In this way, it's possible that you could see "facebook.com" in your browser's address bar, but you may not actually be at the real facebook.com. Behind the scenes, the malicious DNS server has pointed you to a different IP address.
To avoid this problem, ensure that you're running good antivirus and anti-malware apps. You should also watch for certificate error messages on encrypted (HTTPS) websites. For example, if you try to connect to your bank's website and see an "invalid certificate" message, this could be a sign that you're using a malicious DNS server that's pointing you to a fake website, which is only pretending to be your bank.
Malware can also use your computer's hosts file to override your DNS server and point certain domain names (websites) at other IP addresses. For this reason, Windows 10 prevents users from pointing facebook.com and other popular domain names to different IP addresses by default.
As we've established above, you're probably using your ISP's default DNS servers. However, you don't have to. Instead, you can use DNS servers run by a third party. Two of the most popular third-party DNS servers are OpenDNS and Google Public DNS.
In some cases, these DNS servers may provide you with faster DNS resolves—speeding up your connection the first time you connect to a domain name. However, the actual speed differences you see will vary depending on how far you are from the third-party DNS servers and how fast your ISP's DNS servers are. If your ISP's DNS servers are fast and you're located a long way from OpenDNS or Google DNS's servers, you may see slower DNS resolves than when using your ISP's DNS server.
OpenDNS also provides optional website filtering. For example, if you enable the filtering, accessing a pornographic website from your network could result in a "Blocked" page appearing instead of the pornographic website. Behind the scenes, OpenDNS has returned the IP address of a website with a "Blocked" message instead of the IP address of the pornographic website—this takes advantage of the way DNS works to block websites.
For information on using Google Public DNS or OpenDNS, check out how to speed up your web browsing with Google Public DNS, easily add OpenDNS to your router, and protect your kids online using Cloudflare DNS.
By subscribing, you agree to our Privacy Policy and may receive occasional deal communications; you can unsubscribe anytime.
Chris Hoffman is the former Editor-in-Chief of How-To Geek. Chris has personally written over 2,000 articles that have been read more than one billion times—and that’s just here at How-To Geek.
With over a decade of writing experience in the field of technology, Chris has written for a variety of publications including The New York Times, Reader’s Digest, IDG’s PCWorld, Digital Trends, and MakeUseOf. Beyond the web, his work has appeared in the print edition of The New York Times (September 9, 2019) and in PCWorld’s print magazines, specifically in the August 2013 and July 2013 editions, where his story was on the cover. He also wrote the USA’s most-saved article of 2021, according to Pocket.
Chris was a PCWorld columnist for two years. He founded PCWorld’s “World Beyond Windows” column, which covered the latest developments in open-source operating systems like Linux and Chrome OS. Beyond the column, he wrote about everything from Windows to tech travel tips.
The news he’s broken has been covered by outlets like the BBC, The Verge, Slate, Gizmodo, Engadget, TechCrunch, Digital Trends, ZDNet, The Next Web, and Techmeme. Instructional tutorials he’s written have been linked to by organizations like The New York Times, Wirecutter, Lifehacker, the BBC, CNET, Ars Technica, and John Gruber’s Daring Fireball. His roundups of new features in Windows 10 updates have been called “the most detailed, useful Windows version previews of anyone on the web” and covered by prominent Windows journalists like Paul Thurrott and Mary Jo Foley on TWiT’s Windows Weekly. His work has even appeared on the front page of Reddit.
Articles he’s written have been used as a source for everything from books like Team Human by Douglas Rushkoff, media theory professor at the City University of New York’s Queens College and CNN contributor, to university textbooks and even late-night TV shows like Comedy Central’s @midnight with Chris Hardwick.
Starting in 2015, Chris attended the Computer Electronics Show (CES) in Las Vegas for five years running. At CES 2018, he broke the news about Kodak’s “KashMiner” Bitcoin mining scheme with a viral tweet. A wave of negative publicity ensued, with coverage on BuzzFeed News, CNBC, the BBC, and TechCrunch. The company’s project was later reportedly shut down by the U.S. Securities and Exchange Commission.
In addition to his extensive writing experience, Chris has been interviewed as a technology expert on TV news and radio shows. He gave advice on dark web scans on Miami’s NBC 6, discussed Windows XP’s demise on WGN-TV’s Midday News in Chicago, and shared his CES experiences on WJR-AM’s Guy Gordon Show in Detroit.
Chris also ran MakeUseOf’s email newsletter for two years. Nearly 400,000 subscribers received the newsletter complete with a handwritten tip every day.
About The Author
More Stories
Anatomy of a Scam
Climate and Environmental Sustainability Within the IETF and IRTF
From Commitments to Practice: Internet Society’s Priorities for WSIS+20 Implementation