testing out openDNS

10 Jul

Posted by Harper as Technology at 03:18 PM
Tags: opendns-dns-everydns-phishing-hacking

I just put openDNS into place at skinny. It is a neat DNS “replacement” that is a bit more intelligent than regular DNS. it apparently checks for phishing and notifies the user that they are going to a “phishing site.” This is pretty cool stuff – however i am worried about who chooses the phishing sites. I mean, what if they become a bit more vigilant and start blocking “hacking sites” or “sites deemed inappropriate?” scary! i kinda wish it wasn’t so effective as to completely blind the user to the phishing attempt. However – i totally see this being great for someone like my parents or my apt. people who don’t really want to worry about DNS or all that crap.

One of the other cool features of openDNS is that it has a nice domain level spell checking. so if you mispell nata2.org as nata2.og it will redirect you to nata2.org. haha. awesome.

even though it is really cool and potentially very very helpful for not as savvy internet users i am still a bit freaked out by the control that openDNS has over what i view. I guess though that all DNS servers have that control -but that openDNS is overt about its use of the DNS system for good.

Well. i will of course chronicle how it goes..

OpenDNS Part 2: after using it for a hiphop minute

3 Responses

John Roberts

July 10th, 2006 at 5:06 pm
1

Harper, thanks for using OpenDNS. We’re working to answer all your questions, in our FAQ and on our blog and elsewhere.

You’re going to have even more control over your DNS soon.
http://blog.opendns.com/2006/07/10/first-article-about-opendns-appears-in-wired-news/

Tell us how it goes.
T. Longren

July 10th, 2006 at 9:06 pm
2

What’s Wrong With OpenDNS?

OpenDNS is surely going to prove to be a useful tool for those not intimately familiar with the internet. OpenDNS, provides some unique functionality compared with other DNS servers in that it detects typos and prevents phishing. For example, say you…
Rohan Pinto » OpenDNS

July 11th, 2006 at 12:21 pm
3

[...] However cool the opendns system seems to be, there are folks who believe that it does EXpose a serious security vulnerability. If I send a request for indexh.tml, mod_speling detects the mistake and will serve back index.html. The problem is any security products like an IDS/IPS won’t have this intelligence to try and “fix” the request before they analyze it. The IDS/IPS simply sees and logs a request for indexh.tml Modspelling, like this feature in OpenDNS, allows an attacker to side step the attack signatures on a IDS/IPS to exploit a site because the web server will “fix” the attack once it reaches its target. [...]

Hi. My name is Harper. I am an engineer involved in social networks and the open source software. I am very happily employed as the CTO of the awesome skinnyCorp/Threadless in Chicago, IL. We make some really cool stuff. This is obviously my blog. I write about everything from being a professional yoyoer to hacking the newest Internet appliance. Be sure and check out my homepage at harperreed.org. If you are so interested, my resume is located here. I love getting emails and what not so feel free to contact me through here.

Be sure and take a gander at my photos.

If you want to contact me click here to start a chat.

Status

follow me on Twitter

Harper Reed: Tech, Mobile, Yo-yoing and Death Metal

testing out openDNS

Related Posts

3 Responses

Status

Pictures

Friends

Popular Tags

search

Categories

Archives

Recent Entries

Recent Comments

Most Commented