Any replacement for MBAM or something to block bad sites?

[YeOldeStonecat]

Great ideas all to compliment. What safe DNS has everyone had experience with? I'm only familiar with open DNS. They have umbrella for msps

Nortons ConnectSafe.
But mostly have used OpenDNS for...geeze...I think maybe 10 years now. Great product, cuts down on malware.

Every "layer" you can do that cuts down on malware.....the overall sum of all of those layers combined results in a client with greatly reduced malware calls.

When you do MSP stuff, as in having business clients for fixed monthly rates...this results in HUGE reductions of your time cleaning malware. Which is a "WIN" for you, client is more profitable since you're spending much less time there each month.

If you charge for each malware cleaning..well, you probably don't like this kind of layered protection.

 

[cypress]

I use Adblock Plus along with Web of Trust. I also install UnChecky and configure OpenDNS

 

[NYJimbo]

Has anyone experienced situations themselves where OpenDNS saved a machine from some bad event/site ? I know its a great resource but I just never heard of it really "saving the day" other than being a reliable dns resource.

 

[Xander]

Jimbo, a good DNS server is one of those things where, if it's working, you might never know. Do we give credit to the red light in front of us for saving us from having an accident? Would we know if a DNS server saved us from a nasty Cryptolocker infection or just kept us from a site with a very poor reputation?

I heard back from GFI. Their "web protection" will be priced as an add-on like their AV (same price for those that know it). While not a ton of money, that would add significantly to my monthly bill. I was hoping it would be more like their remote background for a fraction of that.

So, instead, I think I might lean towards setting their DNS servers via a script and using
Nirsoft's QuickSetDNS program for that (which supports the command line and, unlike NETSH, doesn't require you to know the name of their adapters). It could also be easily removed when they cancel coverage the same way. I may start another thread or see if there's an existing one to cover the best rated ones.

 

[NYJimbo]

Would we know if a DNS server saved us from a nasty Cryptolocker infection or just kept us from a site with a very poor reputation?

I guess that's what I am trying to figure out. If you typed in a url for a known bad site does OpenDNS simply not provide the site or does it warn you not to go in there ? I have not seen that kind of response from OpenDNS in action. I know if you type in an unknown site it will tell you its not available and then dump an output similar to a search engine with alternative results but I have not seen OpenDNS actually tell us its not going to let you go to a bad site.

 

[PCS]

Unchecky note. It works on downloaded items but not online, went to get flash from adobe today and it dosnt untick McAfee before you download the online installer, but its better then nothing

 

[Rocco]

Unchecky note. It works on downloaded items but not online, went to get flash from adobe today and it dosnt untick McAfee before you download the online installer, but its better then nothing

I am still confused with how adobe partners with crapware. They are a huge, legitimate company. Why would they let their name be attached to pc cleaner, or whatever flavor of the month.

As far as I can tell, java stopped. At least I don't remember unchecking anything last many, many updates.

 

[Xander]

Unchecky note. It works on downloaded items but not online, went to get flash from adobe today and it dosnt untick McAfee before you download the online installer, but its better then nothing

I think that'd be completely expected. For what you're saying, you'd be expecting Unchecky to be scanning every webpage you're on and pre-unchecking any potential bundling.

Unchecky only purports to run on the installers themselves, so if an installer never asks or give options to install toolbars/etc, it would have nothing to do.

 

[cypress]

I guess that's what I am trying to figure out. If you typed in a url for a known bad site does OpenDNS simply not provide the site or does it warn you not to go in there ? I have not seen that kind of response from OpenDNS in action. I know if you type in an unknown site it will tell you its not available and then dump an output similar to a search engine with alternative results but I have not seen OpenDNS actually tell us its not going to let you go to a bad site.

When I first started messing with OpenDNS. I tested some sites on a virtual machine and did get a prompt from OpenDNS that I was going to a bad site. So yeah it has worked for me when testing it.