August 6, 2010

OpenDNS: Make your computer network safer, more secure, and more reliable.

OpenDNS LED Pendant
OpenDNS is a free DNS (Domain Name System) resolution service.
OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their Internet service provider's DNS servers. By placing company servers in strategic locations and employing a large cache of the domain names, OpenDNS usually processes queries much more quickly, thereby increasing page retrieval speed. DNS query results are sometimes cached by the local operating system and/or applications, so this speed increase may not be noticeable with every request, but only with requests that are not stored in a local cache.

Other features include a phishing filter, domain blocking and typo correction (for example, typing "wikipedia.og" instead of "wikipedia.org"). By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service. OpenDNS also launched PhishTank, where users around the world can submit and review suspected phishing sites.

OpenDNS is not open source software, but instead refers to the DNS concept of being open, where queries from any source are accepted.

OpenDNS earns a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This has the effect that if a user types a nonexistent name in a URL in a web browser, the user sees an OpenDNS search page. Advertisers pay OpenDNS to have advertisements for their sites on this page. While this behavior is similar to VeriSign's previous Site Finder or the redirects many ISP's are placing on their own DNS servers, OpenDNS states that it is not the same, as OpenDNS is purely an opt-in service (compared to Site Finder's effect on the entire Internet, as VeriSign is an authoritative registry operator) and that the advertising revenue pays for the customized DNS service.

According to OpenDNS, it may in the future provide additional services that run on top of its enhanced DNS service, and may charge money for some of them.

One example of such an added service was the company's April 22, 2007 launch of "shortcuts", letting users make custom DNS mappings, such as mapping "mail" to "mail.yahoo.com". This feature launch was covered by a large number of publications, including the New York Times, Wired, and PC World.

On May 13, 2007, OpenDNS launched a new domain blocking service which provides the ability to block/filter web sites visited based upon categories. This provides for corporate, educational and parental control over the type of sites that are deemed appropriate by the networks owner. On August 9, 2007 OpenDNS added the ability to override the filter through individually managed blacklists and whitelists. On February 20, 2008 in an effort to make their domain block list current with new website additions OpenDNS changed from a closed list of blocked domains to a community driven list whereby individual OpenDNS subscribers can suggest sites for blocking. If a sufficient number of other subscribers concur with the categorization of the site it is added to the appropriate category for blocking. The threshold of votes required to add a new site to the filter has not been disclosed. Over 50 categories now exist for categorizing websites providing for fine grained control over web browsing habits.

On December 3, 2007, OpenDNS began offering DNS-O-Matic, a free service, to provide a method of sending dynamic DNS updates to several Dynamic DNS providers using DynDNS's update API.

Privacy issues, conflicts and covert redirection
While the OpenDNS name resolution service is free, people have complained about how the service handles failed requests. If a domain cannot be found, the service redirects you to a search page with search results and advertising provided by Yahoo!. A DNS user can switch this off via the OpenDNS Control Panel. This behavior is similar to that of many large ISP's who also redirect failed requests to their own servers containing advertising.

In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Error Redirector" software on their PCs, OpenDNS started resolving requests to Google.com. Some of the traffic is handled by OpenDNS typo-correcting service which corrects mistyped addresses and redirects keyword addresses to OpenDNS's search page, while the rest is transparently passed through to the intended recipient.

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS without the user's consent (but within the OpenDNS Terms of Service). Users can disable this behavior by logging in to their OpenDNS account and unchecking "OpenDNS proxy" option. Additionally, Mozilla users can fix this problem by installing an extension or by simply changing or removing the navclient sourceid from their keyword search URLs.

This redirection breaks some non-web applications which rely on getting an NXDOMAIN for non-existent domains, such as e-mail spam filtering, or VPN access where the private network's nameservers are consulted only when the public ones fail to resolve.

Enhanced by Zemanta

About the Author

Tomboy

Author & Editor

Has laoreet percipitur ad. Vide interesset in mei, no his legimus verterem. Et nostrum imperdiet appellantur usu, mnesarchum referrentur id vim.

Post a Comment

 
Iwebslog Blog © 2015 - Designed by Templateism.com