Question About ISP

Suppose your ISP DNS servers are poisoned (Open DNS).

Does running a firewall help?

Yes, a firewall will help.

That’s why you only allow DNS OUT to destination port 53. Block incoming DNS to any port because it’s not needed. You need three rules. The first two specify: allow outgoing packets to DNS servers on port 53, and block all other outgoing packets to DNS servers. The third blocks all incoming DNS.

Go to START > RUN > “cmd”, type in “ipconfig /all” and look for your DNS servers (sometimes they’re called “name servers”).
Go to network monitor. New rule.

ALLOW
TCP/UDP OUT
SOURCE: ANY
DESTINATION: YOUR ISP DNS SERVER(S)
CRITERIA: Where source port is ANY and destination port is 53

New rule

BLOCK
TCP/UDP OUT
SOURCE: ANY
DESTINATION: YOUR ISP DNS SERVER(S)
CRITERIA: Where source port is ANY and destination port is ANY

Make sure these rules are in this order!

New rule

BLOCK
TCP/UDP IN
SOURCE: DNS SERVERS
DESTINATION: ANY
CRITERIA: Where source port is ANY and destination port is ANY

This will now allow DNS lookups under controlled circumstances and prevent any incoming packets from your DNS servers.

Place these above the Block & Log ALL rule.
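As an added illustration (not part of the original post), here is a small first-match rule evaluator in Python that models the three rules above plus the final Block & Log ALL rule, so the effect of rule order can be checked. The DNS server address 198.51.100.53 and the client address 192.168.1.10 are constructed placeholders for "YOUR ISP DNS SERVER(S)" and your own PC.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

# Constructed placeholder for "YOUR ISP DNS SERVER(S)" (a TEST-NET-2 address).
ISP_DNS_SERVERS = frozenset({"198.51.100.53"})


@dataclass(frozen=True)
class Packet:
    direction: str  # "OUT" or "IN", relative to the PC running the firewall
    src: str
    dst: str
    sport: int
    dport: int


@dataclass(frozen=True)
class Rule:
    name: str
    action: str               # "ALLOW" or "BLOCK"
    direction: str            # "OUT" or "IN"
    peers: FrozenSet[str]     # remote hosts the rule applies to (empty = ANY)
    dport: Optional[int]      # destination port, None = ANY

    def matches(self, p: Packet) -> bool:
        if p.direction != self.direction:
            return False
        peer = p.dst if p.direction == "OUT" else p.src
        if self.peers and peer not in self.peers:
            return False
        return self.dport is None or p.dport == self.dport


# The three rules from the post, in the order the post says they must be in.
RULES: List[Rule] = [
    Rule("allow DNS out", "ALLOW", "OUT", ISP_DNS_SERVERS, 53),
    Rule("block other out to DNS servers", "BLOCK", "OUT", ISP_DNS_SERVERS, None),
    Rule("block DNS in", "BLOCK", "IN", ISP_DNS_SERVERS, None),
]


def evaluate(rules: List[Rule], p: Packet) -> Tuple[str, str]:
    """First matching rule wins; anything unmatched falls through to Block & Log ALL."""
    for r in rules:
        if r.matches(p):
            return r.action, r.name
    return "BLOCK", "Block & Log ALL"


if __name__ == "__main__":
    lookup = Packet("OUT", "192.168.1.10", "198.51.100.53", 51234, 53)
    print(evaluate(RULES, lookup))                            # ('ALLOW', 'allow DNS out')
    print(evaluate([RULES[1], RULES[0], RULES[2]], lookup))   # swapped: blocked
```

With the first two rules swapped, the broader BLOCK rule matches the lookup before the ALLOW rule is reached, which is why the post insists on the order.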