- May 9, 2015
Should one use IPv4 or IPv6 DNS server address ? Since large majority of IPs are still on IPv4 does it make sense to use an IPv6 DNS resolver address ?
Roughly 90% of all malware come via the browser (the rest via emails and links again), so avoiding landing on an infected webpage is the basics.
Not to mention, that recent phishing sites (IDN) can fool even skilled users showing the proper certificate, unless you check, who it was issued for.
People must be awfully high risk web surfers, otherwise web content filtering is an absolute waste of resources.
Web content filtering is the least effective protection - even worse than signatures.
The rationale for focusing upon web content filtering so much is erroneous.
People act like every other web page is malicious, and that just ain't true. It seems to me to be nothing but a whole bunch of needless paranoia.
You advocating every other web page would be safe is a terrible advice. One need not be paranoia in anything but should be aware of what he/she does. Web content filtering helps to protect you from not only malware but phishing, scam sites etc which no "lock down" configurations can protect you
Just blocking porn blocks ~5% malware and if you block malware at DNS/system level, it even blocks some malware downloaders, like ransomware.