Secure DNS for companies, servers, Android and Internet links

SECDNS.pl — simple DNS protection powered by DataHouse DNS Protect+

We filter and monitor DNS queries to reduce contact with malicious domains and detect potential infections earlier in services, applications, RDP environments, mobile devices and Internet connections.

Submit IP for protectionHow to configure DNS
SECDNS Cache DNS
Primary DNS80.72.32.60
Secondary DNS80.72.32.61
Threat database140,000+ entries
Updatesseveral times a day
Statusactive

How SECDNS works

SECDNS uses DataHouse DNS Protect+ to filter and monitor DNS queries at the first stage of Internet communication.

1

DNS query

A computer, server, phone, router or application asks DNS for a domain address.

2

Analysis and filtering

The query is checked against threat intelligence databases covering malware, phishing, botnets and C2 hosts.

3

Hit monitoring

Suspicious queries can be recorded as hits, helping detect a potential infection earlier.

Who this service is for

SECDNS is suitable for business Internet links, Cloud and Dedicated servers, RDP environments, business applications, Android devices and office infrastructure.

  • Cloud / Dedicated / VPS
  • RDP / Windows Server / Active Directory
  • Linux servers and workstations
  • Android / macOS / Windows clients
  • MikroTik / Ubiquiti / TP-Link / OpenWrt / pfSense
  • Internet links and business networks

DNS configuration guide

Expand the relevant section and set DNS servers to 80.72.32.60 and 80.72.32.61.

Windows 11 — DNS for Wi‑Fi or Ethernet
  1. Open SettingsNetwork & Internet.
  2. Select your active connection: Wi‑Fi or Ethernet.
  3. Open network properties.
  4. Next to DNS server assignment, click Edit.
  5. Choose Manual and enable IPv4.
  6. Preferred DNS: 80.72.32.60.
  7. Alternate DNS: 80.72.32.61.
  8. Save changes and run ipconfig /flushdns.
Windows 10 — Control Panel
  1. Open Control PanelNetwork and InternetNetwork and Sharing Center.
  2. Click your active Ethernet or Wi‑Fi connection.
  3. Click Properties.
  4. Select Internet Protocol Version 4 (TCP/IPv4) and open Properties.
  5. Select Use the following DNS server addresses.
  6. Enter 80.72.32.60 and 80.72.32.61.
  7. Confirm and run ipconfig /flushdns.
Windows Server / RDP
  1. Log in via RDP as administrator.
  2. Run ncpa.cpl.
  3. Open properties of the active network adapter.
  4. Open IPv4 and set DNS to 80.72.32.60 and 80.72.32.61.
  5. Run ipconfig /flushdns.
  6. Test with nslookup example.com 80.72.32.60.
For Active Directory domain controllers, clients should usually use local AD DNS, while AD DNS should forward external queries to SECDNS.
Active Directory DNS — forwarders
  1. Open DNS Manager on the domain controller.
  2. Right-click the DNS server name and choose Properties.
  3. Open the Forwarders tab.
  4. Add 80.72.32.60 and 80.72.32.61.
  5. Save and test from a domain workstation with nslookup example.com.
Linux Ubuntu / Debian — NetworkManager
nmcli con show
sudo nmcli con mod "CONNECTION_NAME" ipv4.dns "80.72.32.60 80.72.32.61"
sudo nmcli con mod "CONNECTION_NAME" ipv4.ignore-auto-dns yes
sudo nmcli con down "CONNECTION_NAME" && sudo nmcli con up "CONNECTION_NAME"
resolvectl status

Replace CONNECTION_NAME with the name shown by the first command.

Linux Server — Netplan

Edit a file in /etc/netplan/, for example sudo nano /etc/netplan/01-netcfg.yaml:

network:
  version: 2
  ethernets:
    eth0:
      dhcp4: true
      nameservers:
        addresses: [80.72.32.60, 80.72.32.61]

Apply with sudo netplan apply and check with resolvectl dns.

Linux — systemd-resolved

Edit /etc/systemd/resolved.conf:

[Resolve]
DNS=80.72.32.60 80.72.32.61
FallbackDNS=

Restart with sudo systemctl restart systemd-resolved and verify using resolvectl status.

Red Hat / Rocky / AlmaLinux / CentOS
nmcli con show
sudo nmcli con mod "CONNECTION_NAME" ipv4.dns "80.72.32.60 80.72.32.61"
sudo nmcli con mod "CONNECTION_NAME" ipv4.ignore-auto-dns yes
sudo nmcli con up "CONNECTION_NAME"

For older systems, set DNS1=80.72.32.60, DNS2=80.72.32.61 and PEERDNS=no in the interface configuration.

Android — Wi‑Fi and Private DNS

Android Private DNS requires a DoT hostname, not an IP address. For SECDNS IP addresses, configure DNS per Wi‑Fi network.

  1. Open Settings → Network & Internet → Wi‑Fi.
  2. Long-press the network and choose Modify.
  3. Open advanced options.
  4. Change IP settings to Static.
  5. DNS 1: 80.72.32.60, DNS 2: 80.72.32.61.
  6. Save and reconnect.
For many Android devices, the easiest method is to configure SECDNS on the Wi‑Fi router.
macOS
  1. Open System Settings → Network.
  2. Select Wi‑Fi or Ethernet.
  3. Click Details → DNS.
  4. Add 80.72.32.60 and 80.72.32.61.
  5. Save changes.
  6. Optionally run: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder.
MikroTik RouterOS
/ip dns set servers=80.72.32.60,80.72.32.61 allow-remote-requests=yes
/ip dns print

DHCP for clients:

/ip dhcp-server network print
/ip dhcp-server network set [find] dns-server=80.72.32.60,80.72.32.61
Ubiquiti UniFi Network
  1. Log in to UniFi Network.
  2. Open Settings → Networks.
  3. Select the LAN or VLAN network.
  4. In DHCP settings, set manual DNS.
  5. Enter 80.72.32.60 and 80.72.32.61.
  6. Save and renew client DHCP leases.
TP-Link / ASUS / D-Link / other routers
  1. Log in to the router, usually 192.168.0.1 or 192.168.1.1.
  2. Open Internet/WAN, LAN, DHCP, DNS or Network settings.
  3. Enter DNS 1: 80.72.32.60.
  4. Enter DNS 2: 80.72.32.61.
  5. Save settings.
  6. Reconnect devices or restart the router outside business hours.

Some models configure DNS under WAN, others under DHCP. The important point is that LAN clients receive SECDNS addresses.

OpenWrt
uci set network.wan.peerdns='0'
uci -q delete network.wan.dns
uci add_list network.wan.dns='80.72.32.60'
uci add_list network.wan.dns='80.72.32.61'
uci commit network
/etc/init.d/network restart
pfSense / OPNsense
  1. Open System → General Setup.
  2. Add DNS servers 80.72.32.60 and 80.72.32.61.
  3. Disable DNS received from WAN if you want to enforce SECDNS.
  4. Check DNS Resolver or DNS Forwarder.
  5. Set client DNS in DHCP Server for LAN.
In business networks, consider blocking direct DNS queries to other resolvers so devices cannot bypass DNS policy.

Latest hits

A dynamic list of the latest detected queries from the MySQL table.

DNS detection listlast 20 entries
TimeClientSourceDomainCategoryActionSeverity
2026-06-03 21:58:43unknown79.133.202.22vps140923.inmotionhosting.commalwareblockedhigh
2026-06-03 21:54:28unknown31.31.168.178vmi3338359.contaboserver.netmalwareblockedhigh
2026-06-03 21:45:37unknown79.133.207.101e4341e5u4d9q0aa826ca27y7e.vercel.appmalwareblockedhigh
2026-06-03 21:43:59unknown31.31.168.178vmi3338359.contaboserver.netmalwareblockedhigh
2026-06-03 21:37:15unknown185.7.107.148e4341e5u4d9q0aa826ca27y7e.vercel.appmalwareblockedhigh
2026-06-03 21:04:24unknown77.95.237.2usc1.contabostorage.commalwareblockedhigh
2026-06-03 21:01:07unknown79.133.202.37gdghhfhdnhhfdgnnxcbnddddvn-dpl0cm801n86.edgeone.devmalwareblockedhigh
2026-06-03 20:58:52unknown185.40.196.146usc1.contabostorage.commalwareblockedhigh
2026-06-03 20:57:53unknown79.133.207.100usc1.contabostorage.commalwareblockedhigh
2026-06-03 19:47:58unknown80.72.47.234gdghhfhdnhhfdgnnxcbnddddvn-dpl0cm801n86.edgeone.devmalwareblockedhigh
2026-06-03 19:28:52unknown79.133.207.101dailybeautywellness.commalwareblockedhigh
2026-06-03 19:06:51unknown79.133.202.5ip93.ip-198-50-202.netmalwareblockedhigh
2026-06-03 18:59:50unknown77.95.237.2soaries.commalwareblockedhigh
2026-06-03 18:58:50unknown79.133.207.100soaries.commalwareblockedhigh
2026-06-03 18:44:12unknown77.95.237.2c0-m9w0489dfgychjk-bsh3cs6t2s.edgeone.devmalwareblockedhigh
2026-06-03 18:24:54MY80.72.32.10everycarebd.commalwareblockedhigh
2026-06-03 18:10:11unknown185.73.229.138alsulmicpa.commalwareblockedhigh
2026-06-03 18:07:30unknown185.73.229.138alsulmicpa.commalwareblockedhigh
2026-06-03 17:22:27unknown77.95.236.41gdghhfhdnhhfdgnnxcbnddddvn-dpl0cm801n86.edgeone.devmalwareblockedhigh
2026-06-03 17:02:15unknown79.133.202.5ip93.ip-198-50-202.netmalwareblockedhigh

Would you like to use SECDNS free of charge?

Submit a request using the form or by email to dat@etop.pl with the subject DataHouse Protect. Provide your IP address or IP range and an email address for threat notifications.

After approval, the indicated infrastructure, services or Internet connection can be covered by an additional DNS protection layer.

Partners and infrastructure

SECDNS is based on DataHouse DNS Protect+ technology and the DataHouse, eTOP and Hostilla service ecosystem.

DataHouse.pl logoDataHouse.pleTOP logoeTOPHostilla.pl logoHostilla.pl