Comments on: testing out openDNS

By: Rohan Pinto » OpenDNS

Rohan Pinto » OpenDNS — Tue, 11 Jul 2006 14:21:52 +0000

[...] However cool the opendns system seems to be, there are folks who believe that it does EXpose a serious security vulnerability. If I send a request for indexh.tml, mod_speling detects the mistake and will serve back index.html. The problem is any security products like an IDS/IPS won�t have this intelligence to try and �fix� the request before they analyze it. The IDS/IPS simply sees and logs a request for indexh.tml Modspelling, like this feature in OpenDNS, allows an attacker to side step the attack signatures on a IDS/IPS to exploit a site because the web server will �fix� the attack once it reaches its target. [...]

By: T. Longren

T. Longren — Mon, 10 Jul 2006 23:06:57 +0000

What’s Wrong With OpenDNS?

OpenDNS is surely going to prove to be a useful tool for those not intimately familiar with the internet. OpenDNS, provides some unique functionality compared with other DNS servers in that it detects typos and prevents phishing. For example, say you…

By: John Roberts

John Roberts — Mon, 10 Jul 2006 19:06:45 +0000

Harper, thanks for using OpenDNS. We’re working to answer all your questions, in our FAQ and on our blog and elsewhere.

You’re going to have even more control over your DNS soon.
http://blog.opendns.com/2006/07/10/first-article-about-opendns-appears-in-wired-news/

Tell us how it goes.