OpenDNS Free Domain Name System Configuration
Show Sponsor:
Show #74:
- Date: 2008-01-14
- Subject: OpenDNS Free Domain Name System Configuration
- Duration: 31:24
- Format: MP3
- Size: 12,923 kb
Topics Discussed:
- My Comments
- OpenDNS Background
- OpenDNS Features
- How To Configure and Set Up OpenDNS
Additional Information:
~~ Background
OpenDNS ( http://www.opendns.com ) is a free DNS (Domain Name System) server solution that replaces your ISP DNS servers. There is nothing Open Source about OpenDNS and it is a business that makes its revenue off searches and ads. You configure your home network to point to their servers instead of the servers your ISP provides you. OpenDNS started back in July of 2006 and has been going strong since then. One of the unique things they bring to the table over traditional ISP DNS servers is an increased feature set. These additional features can be helpful to the average computer user and their configuration is quite easy to adjust. One important thing to note is a lot of these features are Opt-In so you can decide whether you want them or not. Personally I feel that some of them are somewhat questionable (especially the fixing wrongly typed URLs) but as long as they are done transparently and are truly not filtering content then I am ok with it.
~~ OpenDNS Features
- Account based website and statistics - OpenDNS allows you to create an account that can hold your user preferences for all the other features they provide. This is critical in providing personal choice for someone and giving them the power to select which features they want and which they do not. The site also provides statistics and other relevant information on use while decently protecting privacy. There is a lot of configuration options available. An example is that they allow you to configure your own graphic that is shown so that you know the page displayed was because of one of their services.
- Improved load times - There is debate as to how much improvement in page load times you can get but those that have slow DNS resolution will see a benefit because of the infrastructure OpenDNS has set up with strategically placed servers throughout the globe. OpenDNS caches the IP addresses of many sites so you will see faster load times especially on pages where many DNS requests are required. This cache comes from all users of OpenDNS.
- Phishing protection - OpenDNS uses a service called PhishTank ( http://www.phishtank.com ) to help curtail the phishing attacks we all see. PhishTank is an online collaborative anti-phishing database. The data PhishTank uses for OpenDNS comes from a community of people that submit suspected phishing sites. These sites are verified by the community as to its validity and then the database is updated accordingly. Each user is tracked on their reliability in providing good phishing data to protect sites that might accidentally get entered in. Basically the members who contribute the most and are most accurate have the most weight in the community about their decision as to if a site is a phishing site or not.
What comes out of this is that OpenDNS blocks your ability to go to websites that are listed as phishing sites. So if you accidentally click on a link that would take you to a phishing site you will be presented with a screen alerting you of this. Remember this is an feature you must opt into to have. Also note that this will not protect you from sites that have not been confirmed by the PhishTank community nor sites that were never submitted. So you still have to be very careful with protecting yourself from phishing attacks.
- OpenDNS has another opt-in feature to helping to correct common spelling mistakes like if you type .cmo instead of .com. They will redirect to the correct domain you requested. If the site does not exist they will send you to a search page. This feature has some possibility of danger in how they decide what domains to are mistyped and what are not. But you can make that decision yourself and still opt-in or out as you want. VeriSign did this with a service called Site Finder and took a lot of public heat. The difference was that OpenDNS is an opt-in solution instead of how VeriSign did it since they manage the top level domains. VeriSign also made money off the search page that displayed.
- Search results on domains that do not exist - When you type in a domain that does not exist, OpenDNS will route you to a page that will display search results. They make revenue based on the Ads and search clicks. This is opt-in so if you do not like that turn it off. Otherwise if you wish to help support their service then keep the option enabled.
- Dynamic DNS (Domain Name System) solutions - OpenDNS is integrated into a new solution they provide called DNS-O-Matic ( http://www.dnsomatic.com ) which helps keep the dynamic DNS solutions out there aware of your new IP address. They work with many of the dynamic DNS providers and are able to update your accounts automatically when the IP changes.
- Domain blocking/whitelisting - OpenDNS allows you to give a list of domains that you will not be able to access. You can block parts of the domain, the full domain, or even a full tier level listing like .com. You can also white list certain domains so that they will always load.
- Adult content blocking - This is for the people out there that want to help cut back on the possibility of adult content being seen by their children. They have an agreement with St. Bernard Software ( http://www.stbernard.com ), who have reviewed tens of millions of domains by people not computers, to make sure you get the most comprehensive and easy-to-use adult site blocking service. You can pick from seven categories to select what level of adult content you wish to filter out. All the data is updated every day to keep it accurate.
- Shortcuts - OpenDNS Shortcuts make navigating online to anywhere easier. You can set up shortcuts and help everyone on your network use a short word to get to any online location. An example might be that you configure OpenDNS that when you type hnhi in your browser without the http:// it will automatically route you to http://www.homenetworkhelp.info
~~ How to Configure and Set Up OpenDNS
OpenDNS configuration is probably the easiest thing out there. They have an extensive help site on how to configure many routers to work with their servers. Basically you just log into your home network router and change the DNS servers from your current ISP to their. Remember that you should write down your ISP DNS settings first so that you do not lose them. Then you just enter in their DNS servers 208.67.222.222 and 208.67.220.220, save the settings. In some cases I like to reboot the router to make sure everything works ok. If you want help on how to configure use the OpenDNS detailed instructions with screenshots for several popular routers, operating systems, and mobile phones located at http://www.opendns.com/start/
Do not forget to also register the free account with OpenDNS that will allow you to control all the DNS features provided by OpenDNS. You need to go into their options and select which features you want to disable, etc. For me I enabled the phishing control and put in my own special message so I knew it was a phished site. I also set up the hnhi shortcut and disabled the type correction option because I still am not sure about how they filter what is a type and what is not. Also do not forget to set up the ability to get statistics for your DNS usage through them for the past 30 days. You should also go configure the Networks area so you can set up different networks. This is great if you are using OpenDNS from various locations, etc.