Tag Archive for ‘dns’ at T. Longren

Tag Archive for 'dns'

OpenDNS Introduces Shortcuts

Published

on April 23, 2007

. 0 Comments Tags: blog, dns, Internet, OpenDNS, Personal, software, tech, technology.

David Ulevitch, founder and CEO of OpenDNS, sent me an email yesterday letting me know about a new feature from OpenDNS. It’s called Shortcuts and looks really sweet. Shortcuts are very simple, similar to bookmarks in your browser. Here’s how OpenDNS describes shortcuts:

You type something short and easy to remember into your address bar and you leap straight to where you want to go. There’s nothing to install and it works how you want it to, no matter which browser you’re using. Add, remove or change your OpenDNS shortcuts at any time.

Instead of going into any more detail about OpenDNS shortcuts, I’m gonna direct you over to Paul Stamatiou. Paul already has a great post with some screenshots and examples of shortcuts, go check it out.

Popularity: 14% [?]

PhishTank Is Here

Published

Tyler

on October 2, 2006

in Internet, OpenDNS, Personal and Security

. 1 Comment Tags: blog, blogs, dns, Internet, network, OpenDNS, Personal, phishing, phishtank, Security, tech, technology.

PhishTank launched today. PhishTank is a site designed to make keeping tabs on phishing sites easier. If you come across a phishing site while browsing the web, you’re encouraged to submit the URL to PhishTank.

PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

PhishTank is operated by OpenDNS. OpenDNS opened their services to the public earlier this year to much fanfare. David Ulevitch and crew have done an amazing job with OpenDNS, I expect the same from PhishTank.

PhishTank does not provide protection against phishing sites, they simple store phishing related data. OpenDNS does protect against phishing though. OpenDNS and PhishTank go hand in hand. OpenDNS blocks access to phishing sites that are in the PhishTank database. Here’s a little piece from the OpenDNS FAQ about reporting phishing sites:

The fight against phishing isn’t just for the banks and big companies to tackle; you can help. Right now, we encourage submission of possible phishing sites via our contact form. Nothing will be blocked unless it’s verified.

Later this summer, we will introduce PhishTank.com, a free community site, with API, which will serve as a collaborative clearing house for data and information about phishing and malware on the Internet.

PhishTank will no doubt prove to be a valuable resource for the internet security community. Now, users of OpenDNS can basically control what sites are deemed “phishing” sites by making use of PhishTank. This was one of the main gripes people had with OpenDNS initially. There was no method to show what sites were flagged as phishing sites. Let there be transparency!

Popularity: 6% [?]

OpenDNS System Status

Published

Tyler

on July 27, 2006

in Internet, OpenDNS and Personal

. 4 Comments Tags: blog, blogs, dns, Internet, network, OpenDNS, phishing, Security, tech, technology, update, www.

It looks like OpenDNS is about to launch a “System Status” section of their website. Check out http://system.opendns.com/. I don’t know if this page is supposed to be live to the public yet, but what the hell.

Once you navigate to that page, you’ll see a status summary of the OpenDNS network. It looks like there’s gonna be a “mini blog” type of thing there too, probably mostly for making updates about outages or other problems. The “Testing” link you see in the image below is what leads me to believe there’s gonna be a separate “status” blog on that page.

There’s also a newer post at the OpenDNS blog about how they learn about phishing sites. I think they made that post in part due to one of my earlier posts on OpenDNS. :)

And boy how I wish I lived in San Francisco (well, not really). OpenDNS is currently looking for a Debian system administrator. Personally though, I’ve touched Debian once or twice. I can’t imagine leaving my beloved Slackware.

Oh, and I found the system.opendns.com site via my WordPress dashboard. system.opendns.com was listed as an incoming link from Technorati.

Popularity: 4% [?]

OpenDNS Preferences Are Live

Published

Tyler

on July 14, 2006

in Internet, OpenDNS and Personal

. 3 Comments Tags: blog, blogs, dns, Internet, news, OpenDNS, preferences, software, tech, technology.

I just noticed the OpenDNS preferences page is up and running. It’s pretty basic, but now you can enable or disable typo correction and phishing protection. The configuration is done based on IP address, so if you don’t have a static or persistent IP address, you might be out of luck. I don’t have a static IP at home, but I’ve managed to keep the same one for a little over a year now.

Here’s a screenshot of the preferences page:

Obviously, there’s not much there at this time. But look at the little information box in the top right. It mentions they’ll be adding more preferences there over time. It looks like they plan to have user accounts soon too, so you can manage preferences not based solely on your IP. Fun fun!

UPDATE: In my last post on OpenDNS, I mentioned I was having trouble getting to http://www.tehserver.us/. The problem seemed to resolve itself, when I was suddenly able to hit tehserver.us with no problem. However, come Monday morning, I’m unable to load tehserver.us again. Even when I type http://www.tehserver.us/Home, the direct link to the homepage, I get the OpenDNS search page. OpenDNS search successfully finds the site, but when I click on the search result, I’m taken back to the OpenDNS search page instead of being taken to tehserver.us. The really odd thing is that I can reach tehserver.us with no problem from home. Not so from work though. I’d think a traceroute to tehserver.us would be nearly identical from my house and from the office, since the two are about 3 city blocks away from each other.

Popularity: 3% [?]

OpenDNS Speed

Published

Tyler

on July 14, 2006

in Internet, OpenDNS and Personal

. 3 Comments Tags: adware, blog, blogs, dns, illegal, news, OpenDNS, Security, software, spyware, virus, weather, www.

Wikipedia defines Adware as “Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.”

This guy makes some good points, the OpenDNS as Adware idea not being one of them though. He’s had some issues with the typo fix feature of OpenDNS and the OpenDNS search page coming up when it shouldn’t.

So what happens when it doesn’t know the IP address you ask? Well sometimes it returns no answers

javila@BeanMac ~ $ dig verizonn.com @208.67.222.222

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

And sometimes it gives you back their server. (asdverizon.com. 1 IN A 208.67.219.40) any request to 208.67.219.40 results in a search the attempted url being ran through their systems. If im not misunderstood, they make their money off of adds displayed at this time… therefore, the more they don’t catch, the more money they make on advertising? Ok so I guess for their software it “Pays to be stupid”

Simply because an application doesn’t provided the expected results doesn’t mean it’s adware. OpenDNS seems like the kind of company who is out to stop adware and other sorts of internet baddies. That post is worth a read, it does a nice job of bringing to light some problems in OpenDNS. And, I don’t think the guy was actively trying to take the “OpenDNS is Adware” stand, he did file that post under “Talking Shit” after all. heh.

Another interesting OpenDNS related post comes from Thomas Ptacek. Thomas has noticed OpenDNS actually takes longer to resolve some domains than, say, your ISP’s DNS servers.

74ms longer via OpenDNS. How much of that is network latency? You could turn off recursion, but OpenDNS doesn’t support it, so instead query for OpenDNS’s own names:

nsping -z opendns.com 208.67.222.222
+ [ 22 ] 55 bytes from 208.67.222.222: 261.771 ms [ 192.468 san-avg ]

41ms. Weak evidence that it takes OpenDNS 33ms longer to look up random names at Google on my DSL connection? Note also that all the OpenDNS queries “succeed”, because OpenDNS sends you to a landing page for typos.

Some pretty interesting comments going on at that post too. David Ulevitch and Thomas might end up getting together to do some testing on DNS caches and overall performance. David made a comment in my previous post on OpenDNS in which he explains some of the new features they’re working on:

I agree 100% about us needing to be more transparent. The three biggest things we are working on right now are:
1) Getting account preferences up and running so people can just enable and disable the various features they are working on.
2) Providing a much clearer understanding of where our phishing data comes from and what happens if we make a mistake
3) Bringing up our London datacenter and adding in a bunch of peering and other network connectivity to our existing sites.

I’ve really only witnessed one problem with OpenDNS. This is a prime example, try navigating to http://www.tehserver.us/. It takes you to the OpenDNS search page, right? Well, the first link displayed on the search page is really where I want to go. So, I click the first link and I’m taken right back to the OpenDNS search page I was just on. So, there’s apparently no way for me to get to www.tehserver.us using OpenDNS. Granted, tehserver.us isn’t totally legitimate, it’s definitely not breaking any sort of laws. Perhaps the spellcheck is getting confused. The domain is tehserver.us, not theserver.us.

I’ve been using OpenDNS for about 5 days now. I am going to do some testing tonight at home to see if OpenDNS actually serves up info quicker than my ISP’s DNS servers. I will post the results and how I went about testing. That is, provided I have power at home, there’s been some awesome storms rolling through the last couple days. A welcome event for the farmers around here though.

UPDATE: I can get to tehserver.us with no problem now, I never even see the OpenDNS search page. David mentioned he’s opened a bug in bugzilla for the developers to check out. He also mentioned this post on OpenDNS by Greg Keene. Greg takes a look at OpenDNS and fears even one security breach could make OpenDNS disappear:

My concerns? The obvious, security and security. Will temptation to generate advertising overcome their ‘do good’ nature? We’ll have to see. A huge, obvious hole is their own security. If they get hacked, then their users are effectively exposed — don’t underestimate this. I’d like to get more people using them so we can really find how good they are. My thought is that one security breach could kill these guys, even an exposed exploit would be a very bad thing.

Give it a try and let me know what you think.

Popularity: 4% [?]

What’s Wrong With OpenDNS?

Published

Tyler

on July 10, 2006

in Internet, OpenDNS and Personal

. 5 Comments Tags: apache, blog, blogs, dns, everydns, httpd, network, network-security, OpenDNS, Security, tech, technology, www.

OpenDNS is surely going to prove to be a useful tool for those not intimately familiar with the internet. OpenDNS, provides some unique functionality compared with other DNS servers in that it detects typos and prevents phishing. For example, say you type http://www.longren.og into your browser. That URL obviously doesn’t exist, notice the .og at the end? OpenDNS will recognize the typo and will redirect the user to http://www.longren.org.

Smart huh? Yes, but it could have it’s drawbacks. This post highlights what could be a potential security risk in OpenDNS. It has to deal with intrusion detection systems (IDS) not realizing which URL is actually being requested. That post uses the mod_speling apache httpd module as an example.

If I send a request for indexh.tml, mod_speling detects the mistake and will serve back index.html. The problem is any security products like an IDS/IPS won’t have this intelligence to try and “fix” the request before they analyze it. The IDS/IPS simply sees and logs a request for indexh.tml Modspelling, like this feature in OpenDNS, allows an attacker to side step the attack signatures on a IDS/IPS to exploit a site because the web server will “fix” the attack once it reaches its target.

I disagree with the logic behind the authors claims. Why? Simply because I have a feeling OpenDNS was built with that taken into consideration. I’m betting there’s some sort of database internally that lets every piece of the network know exactly what is being served when a typo is detected. Everything from the IDS boxes to the DNS servers themselves. Maybe I totally missed the point of what that post was trying to get across.

Another thing OpenDNS should work on ASAP is transparency. I’d really like to know the false positive rate on phishing sites. How many legitimate sites get flagged as a phishing site? A publicly available reporting system would also be nice. Something to show DNS changes in particular would be nice for helping to maintain the integrity of the database.

But, I’m sure these questions will be answered in the near future, after all, today is the company’s first day with exposure to the “public”. There’s already mention of a new feature on the most recent post at the OpenDNS blog.

One important feature which is not yet available, but will be soon, is self-service control over the DNS settings. Ryan’s article, understandably, doesn’t mention this capability, since it’s not yet live.

The point? We’re going to put more control in your hands, so if you want to turn off features like typo correction or phishing prevention, you’ll be able to. Account management is the top priority now, to help demonstrate the power of control over your DNS. We think transparency and control will show you (not just tell) that we’re making the right choices.

Ryan’s article is of course the article that was in Wired this morning. See, they’re already taking steps to provide more transparency, hopefully it will continue.

Harper Reed is also a bit skiddish with OpenDNS still, like me. I think OpenDNS has great intentions though, so I’m not too worried. Founder of OpenDNS, David Ulevitch, already has a pretty outstanding reputation in the internet community, probably due mostly to the success of EveryDNS. OpenDNS is out to do good on the internet, just like EveryDNS. That doesn’t mean they can’t do harm, as we saw with Blue Security.

I’m pretty sold on OpenDNS overall. I put their DNS servers in my DHCP server config tonight after I got home from work. And the Nevada office as well as a couple servers in Ankeny are using OpenDNS now too.

Popularity: 5% [?]