Norton ConnectSafe was a free public DNS service offered by Symantec Corporation that claimed to offer a faster and more reliable web browsing experience while blocking undesirable websites. [1] The service was retired on November 15, 2018. [2]
The service was opened to the public in June 2010. [3] Norton ConnectSafe retirement has been announced and is planned to occur November 15, 2018. [4]
It provides protection from web threats in three protection policies. [5] It automatically blocks known unsafe, fraudulent, phishing and infected websites which can cause harm to a device. It also blocks unwanted content, which is not suitable for children. [6] Users can use Norton ConnectSafe by setting their DNS server addresses to those of the Norton ConnectSafe servers. Client software for Windows, Mac OS X, and Android is available to automatically configure devices to use Norton ConnectSafe. [1]
DNS queries routed through Norton ConnectSafe are checked using the Norton Safe Web database to ensure that they do not point to malicious or inappropriate websites. Symantec thus seeks to block malware and phishing attempts, [3] as well as pornographic and inappropriate websites if the user desires. Norton ConnectSafe will also intercept misspelled domain names and offer suggestions or display advertising. [1] This redirection breaks some non-Web applications that rely on getting an NXDOMAIN response for non-existent domains.
The following addresses are registered to Norton ConnectSafe: [7]
The computer file hosts is an operating system file that maps hostnames to IP addresses. It is a plain text file. Originally a file named HOSTS.TXT was manually maintained and made available via file sharing by Stanford Research Institute for the ARPANET membership, containing the hostnames and address of hosts as contributed for inclusion by member organizations. The Domain Name System, first described in 1983 and implemented in 1984, automated the publication process and provided instantaneous and dynamic hostname resolution in the rapidly growing network. In modern operating systems, the hosts file remains an alternative name resolution mechanism, configurable often as part of facilities such as the Name Service Switch as either the primary method or as a fallback method.
The Spamhaus Project is an international organisation, based in both Andorra and Geneva, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name spamhaus, a pseudo-German expression, was coined by Linford to refer to an Internet service provider, or other firm, which spams or knowingly provides service to spammers.
Norton Internet Security, developed by Symantec Corporation, was a computer program that provided malware protection and removal during a subscription period. It used signatures and heuristics to identify viruses. Other features included a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after 14 years as the chief Norton product. It was superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.
Anti-phishing software consists of computer programs that attempt to identify phishing content contained in websites, e-mail, or other forms used to accessing data and block the content, usually with a warning to the user. It is often integrated with web browsers and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate websites.
Pharming is a cyberattack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as "poisoned". Pharming requires unprotected access to target a computer, such as altering a customer's home computer, rather than a corporate business server.
Freegate is a software application developed by Dynamic Internet Technology (DIT) that enables internet users from mainland China, South Korea, North Korea, Syria, Vietnam, Iran, United Arab Emirates, among others, to view websites blocked by their governments. The program takes advantage of a range of proxy servers called Dynaweb. This allows users to bypass Internet firewalls that block web sites by using DIT's Peer-to-peer (P2P)-like proxy network system. FreeGate's anti-censorship capability is further enhanced by a new, unique encryption and compression algorithm in the versions of 6.33 and above. Dynamic Internet Technology estimates Freegate had 200,000 users in 2004. The maintainer and CEO of DIT is Bill Xia.
SURBL is a collection of URI DNSBL lists of Uniform Resource Identifier (URI) hosts, typically web site domains, that appear in unsolicited messages. SURBL can be used to search incoming e-mail message bodies for spam payload links to help evaluate whether the messages are unsolicited. For example, if http://www.example.com is listed, then e-mail messages with a message body containing this URI may be classified as unsolicited. URI DNSBLs differ from prior DNSBLs, which commonly list mail sending IP addresses. SURBL is a specific instance of the general URI DNSBL list type.
OpenDNS is an American company providing Domain Name System (DNS) resolution services—with features such as phishing protection, optional content filtering, and DNS lookup in its DNS servers—and a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide.
Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures. The Storm Worm (2007) is one of the first malware variants to make use of this technique.
DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards.
In computing, a blacklist, disallowlist, blocklist, or denylist is a basic access control mechanism that allows through all elements, except those explicitly mentioned. Those items on the list are denied access. The opposite is a whitelist, allowlist, or passlist, in which only items on the list are let through whatever gate is being used. A greylist contains items that are temporarily blocked until an additional step is performed.
Norton Safe Web is a service developed by Symantec Corporation that is designed to help users identify malicious websites. Safe Web delivers information about websites based on automated analysis and user feedback.
Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.
Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware. Security exploits of browsers often use JavaScript, sometimes with cross-site scripting (XSS) with a secondary payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities that are commonly exploited in all browsers.
SmartScreen is a cloud-based anti-phishing and anti-malware component included in several Microsoft products, including Windows 8 and later, Internet Explorer, Microsoft Edge and Outlook.com. It is designed to help protect users against attacks that utilize social engineering and drive-by downloads to infect a system by scanning URLs accessed by a user against a denylist of websites containing known threats. With the Windows 10 Creators Update, Microsoft placed the SmartScreen settings into the Windows Defender Security Center.
Google Safe Browsing is a blacklist service provided by Google that provides lists of URLs for web resources that contain malware or phishing content. The Google Chrome, Safari, Firefox, Vivaldi, and GNOME Web browsers use the lists from the Google Safe Browsing service for checking pages against potential threats. Google also provides a public API for the service.
Norton, formerly known as Norton by Symantec, is a division of NortonLifeLock, and is based out of Mountain View, California. Since being acquired by the Symantec Corporation in 1990, Norton offered a variety of products and services related to digital security. In 2014, it was announced that Norton's parent company Symantec would split its business into two units - one focused on security, and one focused on information management, with Norton being placed in the unit focused on security.
SafeDNS is a company founded in 2010 in Virginia, US. It provides web filtering and cybersecurity solutions for different types of markets and customers. For instance, SafeDNS solutions prevent attacks from botnets, ransomware, computer viruses, phishing and other cybersecurity threats. They also provide solutions for parental control and other malicious sites by blocking or filtering URLs and IP addresses.
Trojan.Win32.DNSChanger is a backdoor trojan that redirects users to various malicious websites through the means of altering the DNS settings of a victim's computer. The malware strain was first discovered by Microsoft Malware Protection Center on December 7, 2006 and later detected by McAfee Labs on April 19, 2009.
Quad9 is a global public recursive DNS resolver which aims to protect users from malware and phishing. Quad9 is operated by the Quad9 Foundation, a Swiss public-benefit, not-for-profit foundation with the purpose of improving the privacy and cybersecurity of Internet users, headquartered in Zurich. It is the only global public resolver which is operated not-for-profit, in the public benefit. Quad9 is entirely subject to Swiss privacy law, and the Swiss government extends that protection of law to Quad9's users throughout the world, regardless of citizenship or country of residence. Quad9 is currently the only global recursive resolver which is not subject to United States law, as the others are each domiciled in the San Francisco Bay Area and governed by the Northern District of California US Federal Court.