Thursday, 17 April 2008

Cyberclinic: The net's address book

By Rhodri Marsden

DNS servers are the unsung heroes of the internet. They're responsible for converting those catchy addresses we type into our computers – independent.co.uk, rhodri.biz, icanhascheezburger.com – into the IP addresses that our computers need to actually find the websites in question, e.g. 145.222.158.224, 64.111.125.230, or that memorable classic 72.232.153.253.

Without them we'd have post-it notes full of digits stuck all over our monitors, and TV presenters would have to plead with viewers to reach for pencil and paper whenever they read out a website address. So what happens when the DNS system goes awry?

We're often warned to stay away from fishy-looking websites, but that advice isn't particularly useful if you type in the URL of a children's charity and a rogue DNS server ends up sending you to a site that is devoted to donkey porn and installs malware on your computer.

So how could this happen? Well, the first place your browser will look for a website's address is your Hosts file, buried deep within your computer's system and not particularly easy to access. If the Hosts file has an entry for the site, that entry is used and no DNS server is asked at all. Your network settings control panel will have a space for you to specify a DNS server to use, but it'll be overridden by that Hosts file, so if your computer has already been compromised it won't actually do much good.

Assuming your Hosts file is fine, and the browser finds no DNS server info in your control panel (which is pretty normal), it'll move to your router. Many routers also have such a setting, but again, it's usually left blank. If your admin password on your router is set as the default, it's not difficult for someone to log in and change your DNS to a rogue one. But if no other DNS server setting has been found, the request is just handled by your ISP. However, even large DNS servers of the kind run by ISPs aren't immune from attack.

How to avoid all this? Well, the usual anti-virus scanning advice applies; if your computer hasn't been compromised, your Hosts file won't have been compromised. But it's a good idea to put a reliable DNS server in your network settings, as it'll override any funny business that may occur further down the line, in your router or at your ISP.

Try OpenDNS (their servers are 208.67.222.222 and 208.67.220.220); as well as claiming to be faster and more reliable, they offer an additional layer of protection against rogue sites, and give you statistics about your browsing habits.
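One way to check the Hosts file described above, as an added example that is not part of the original article: it lists every entry that points a name at another machine, which is the kind of entry that takes a site away from DNS altogether. The function names and the sample file are constructed for illustration.

```python
import ipaddress
import os

# Constructed sample hosts file (documentation addresses, not a real capture).
SAMPLE = """\
# constructed sample
127.0.0.1     localhost
::1           localhost
0.0.0.0       ads.example.net                      # null-routed, goes nowhere
203.0.113.10  www.charity.example charity.example  # sends the site elsewhere
not-an-ip     broken.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comment, split on blanks
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address, so not a mapping
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")

def suspicious_entries(text):
    """Return (line_no, hostname, ip) for names pointed at another machine.

    Loopback (127.0.0.1, ::1) and 0.0.0.0 entries resolve to this computer or
    to nowhere; any other address means the name bypasses DNS and lands on a
    host chosen by whoever wrote the file, so each one needs an explanation.
    """
    return [(n, name, str(ip)) for n, ip, name in parse_hosts(text)
            if not (ip.is_loopback or ip.is_unspecified)]

def hosts_path():
    """Location of the hosts file on Windows and on Unix-like systems."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"

if __name__ == "__main__":
    with open(hosts_path(), encoding="utf-8-sig", errors="replace") as fh:
        for line_no, name, ip in suspicious_entries(fh.read()):
            print(f"line {line_no}: {name} -> {ip}")
```

Entries for machines on your own network will be listed too; what matters is whether you can account for each line that appears.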


Comments

Just to be pedantic, but the first place the browser looks is the hosts file (%SystemRoot%\system32\drivers\etc\), not the DNS server settings. If that's compromised with rogue settings for a given site, it won't go as far as polling any actual DNS servers for the address.

Thanks Emma - of course you're right, I've made a correction.
