Web filtering keeps you a little safer
HOSTS File Interception of Malicious Sites
I have used OpenDNS in the past, but found that, on occasion and although I has set no restrictions, it suddenly decided I could not watch YouTube or access some site or another due to my 'policy', then later reverted to working -- as far as I could tell -- properly. I had not set restrictions.
Currently, I use Google DNS rather than my ISP's DNS, as I figure it is probably very accurate. See https://developers.google.com/speed/public-dns/faq It claims to be unfiltered and says,
" Does Google Public DNS offer the ability to block or filter out unwanted sites?No. Google Public DNS is purely a DNS resolution and caching server; it does not perform any blocking or filtering of any kind. We believe that such functionality is best performed by the client. If you are interested in enabling such functionality, you should consider installing a client-side application or browser add-on for this purpose.
For site filtering, I have used Spybot Search and Destroy's immunization for many years now and consider it a must-have. http://www.safer-networking.org/en/download/index.html
I run the scan periodically, but don't worry to much about some of the cookies it turns up. It has on occasion found more undesirable things on machines for me, though. I generally use it as part of my clean-up of friends' machines, along with (indispensable) Malwarebytes.
My understanding is that this free application (I found it is worth a donation) maintains a list of bad IPs that that it injects into the HOSTS file on the user's computer and silently and unobtrusively redirects those IPs to 127.0.0.0 It seems completely unobtrusive, but needs regular manual updating and immunization. I tried the new beta and found it unintuitive and slow, but the tried-and-true 1.62 version has served me well on many machines. It has other protections which I can't claim to really understand, but which seem to be reasonably lightweight, and, of course, there is the scan.
Here comes big show of ignorance
I too, use Spybot Search Destroy Immunize, NoScript, Avast paid, SpywareBlaster paid, AdBlock Plus, Better Privacy. Have been trying to figure out whether to get w/ VPN service and then read this.
Confused if this is a parallel protection or something quite different? Do one or both? Great article, just that now I'm left confused what's best for an all-in-one solution for both desktop and wi-fi laptop I might use at Starbucks, for example.
Comcast may block legitimate email from foreign sites w/out notice
I have friends in various foreign countries, including France, England, and Australia. Without warning, Comcast has blocked incoming email from legitimate providers in each of these countries. Is this what Ms. Bradley means by: "Along with DNS, some ISPs (such as Comcast) include Web filtering — also called content filtering — for additional security?"
When Comcast blocks the incoming mail, sometimes the sender gets a bounce message from Comcast. Equally often, they have no way to know that Comcast has blocked the email. Nor do I. This happened with some important email from my bank in France, for example.
Each time it happened and I found out, I called Comcast's security division. They would check, discover that the particular domain had a block on it, and then release the block. This might last for a while, or the block might reappear a few days later. If this is web filtering, Comcast's version is not worth the trouble it causes.
After dealing with this for a couple of years, I found the solution. I use gmail for all my foreign correspondents. I really hate doing this, but there is nothing else I can do until I change providers.