Update: July 2008 – OpenDNS is not vulnerable to a DNS cache poisoning attack that was recently discovered. OpenDNS has written about the multi-vendor vulnerability on the OpenDNS blog. Please read on for the original post about OpenDNS.
We all want to be safe when we surf the web. The problem is that there are lots of malicious, unscrupulous web sites that we can potentially stumble upon. The more tools we install on our computers to protect us, the slower they potentially become. Instead of installing additional SW on your computer, you may think about using the free service available from OpenDNS.
Since our computers uses DNS to find web sites (see my previous posts which explain DNS), we can make a few small adjustments to our network settings to help avoid bad sites, and block others we deem inappropriate for our family.
Let me first stay that OpenDNS is truly free. I am not affiliated with OpenDNS in any way. There is no cost to you to use any of their services and there are no pop-ups, pop-unders or software to install. Simple change your computer’s DNS entries to the following: 126.96.36.199 and 188.8.131.52.
I’m not going to re-invent the wheel here, so I will direct you to their website which has detailed step by step instructions for changing your DNS settings. It only takes a couple of minutes, and if you are really brave, try changing your routers DNS entries too.
That’s it. No other actions are needed. You can stop at this point and enjoy the following benefits:
Faster Web Browsing
Your browsing experience will be faster and more reliable because OpenDNS will automatically route your DNS queries to the closest available server. Also, if that server is down or unavailable for any reason, you will automatically be routed to the next nearest one. This is something your ISP does not do.
Phishing Site Avoidance
By default, OpenDNS detects and blocks you from connecting to hosts known to have phishing scams associated with them. You simply get re-directed to OpenDNS’s Phishing Error page which lets you know why the site is not accessible.
OpenDNS uses a sophisticated system called PhishTank that keeps timely updates of scam and fraudulent sites that integrates into their DNS service to help keep you protected.
These two services alone are compelling enough reasons for me to start using their services (and by the way I have been using for months now). The little time it takes to make the configuration changes, I believe, is well worth the added benefits. However, there is more.
Sign up for a free account and add your network (which OpenDNS automatically detects) to your “Dashboard” and get these added benefits too:
Use their easy to navigate web administration page to block certain domains.
Enter a site like “example.com” and anything under that domain will be blocked. For instance, www.example.com, test.example.com, bubba.example.com, ww2.example.com, etc… will be blocked. A customizable OpenDNS page will appear instead.
Adult Site Blocking
OpenDNS can easily bock adult-xxx, or adult-themed sites with the click of a mouse.
Using your account administrator page, you can turn on Adult Site Blocking just by checking a box and applying the new settings. By default, adult-xxx and adult-themed sites are not blocked, so you will have to turn this on if you want it.
This is probably one of the coolest features they offer. If you decide to turn on statistics, you can view all the sites the have been visited from your network. If you want to see what the kids were looking at, this is an easy way to do it.
Not only can you view the sites, but you can click a button to immediately begin blocking any sites you deem inappropriate.
You can view the data in different ways, select to download the data as a CSV, all with a few clicks. You can even elect to delete all the collected data and start over, or just simple stop collecting data all together (for those of you that are concerned with privacy).
I highly recommend OpenDNS to anyone who wants to browse safer, faster, and with complete control over the content being viewed.