Giving OpenDNS a try

With stories in the tech news about a recently discovered DNS flaw that allows malicious parties to redirect even properly-typed-in URLs to spoof sites’ IP addresses, I got curious about this OpenDNS I keep hearing about. Supposedly it’s faster and also blocks phishing sites, has patched the DNS flaw, has 100% uptime, and allows configuration for blocking other categories of sites as well.

If the terms DNS, IP address, URL, and phishing have you confused, I’ll give you a quick explanation of at least my basic understanding of them. If you have a cell phone, it’s very likely, you store your friends’ and family’s phone numbers in there, but you don’t browse by phone number—you browse by name. If you see Aunt Myrtle and call her, your phone has a translation for itself that says “Aunt Myrtle is really 212-867-5309.” That’s basically how DNS and IP addresses work, too. When you want to go to Google, you type www.google.com (the URL) in the address bar of Firefox, Opera, Safari, or Internet Explorer; you don’t type 209.85.173.104 (the IP address). The DNS server translates the URL to the IP address. If there’s an exploitable flaw in the DNS server, the people exploiting the flaw may be able to take the proper URL you typed in and point it to an improper IP address. In the analogy I gave before, it would be as if someone messed with your phone and made it so Aunt Myrtle really called 911 instead of 212-867-5309.

Well, I think I see a slight increase of speed, but maybe it’s just a placebo effect. I don’t know. I’m giving OpenDNS a go, and we’ll see if I can live with it hijacking my keyword URL search in Firefox. I know some people have privacy concerns, but really my privacy isn’t any more secure with my ISP’s DNS server than with OpenDNS’s DNS server.

5 comments

  1. Honestly, I never found OpenDNS that great. Firefox now has some great built-in phishing, and the speed boost seemed too small (if even there). And I HATE that it messes up my existing keyword searches. Also, the OpenDNS search engine is completely inferior to Google, so when I type in a search query in the address bar, it gives me results that often have nothing to do with what I’m looking for.

  2. I never got the fascination with anti-phishing stuff. People are so ill-observant that they have to be told constantly not to give their details away willy-nilly? It’s not too hard to spot a phishing email; I guess most just never question what they’re told.

  3. I have a list of dns that my machine rotates through on boot.
    sprint
    4.2.2.2
    4.2.2.3
    opendns
    208.67.220.220
    208.67.200.200
    my isp’s dns
    xxx
    xxx

    Plain truth though, I’m really considering doing what I used to do back in 98 and 99 which was install my own dns server.

  4. I am also using and am not really impressed. It does seem like a good idea but I believe that it tries to do too much. The keyword replacement is actually a pain.

    I will probably be removing it when I get a chance to fiddle with my routers settings again.

Leave a Reply to Cormic Cancel reply

Your email address will not be published. Required fields are marked *