Jump to content

Talk:OpenDNS

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

DNS typo-correction

[edit]

The article reads like there is an typo-correction feature shipped by using the OpenDNS DNS-resolvers. This isn't technically true, as the typo-feature is implemented by using HTTP redirects only - it has nothing to do with DNS whatsoever as not existing domains all resolve to the very same IP address - see dig @208.67.222.222 foo.ogr +short. If you query this address with HTTP using the previously resolved domain as host-argument you'll get an HTTP redirection - see printf "GET / HTTP/1.1\r\nHost: foo.ogr\r\nConnection: close\r\n\r\n" | nc 67.215.65.132 80 returning Location: http://guidetest.a.id.opendns.com/?url=foo%2Eogr. This web-service will then either redirect the users to the correct domain, which in this case is 'foo.org', or it will redirect to a search-engine of OpenDNS.

Therefore it's technically incorrect to speak of a typo-correcion-extension of DNS which the first sentence of the article suggests: OpenDNS is a company and service which extends the Domain Name System (DNS) by adding features such as misspelling correction, phishing protection, and optional content filtering.

What is an MSP?

[edit]

Please - if you want to use acronyms, spell them out. On first use is good. I am not correcting what I do not know - can the person who entered that section spell it out please. That is all.Ambiguosity (talk) 13:49, 12 March 2017 (UTC)[reply]

Hacker Abuse Section?

[edit]

How about the addition of a hacker abuse section to this article? Hackers are hijacking GoDaddy user accounts DNS entries and routing them to CloudFlare servers which end up at 208.67.222.222 -- the OpenDNS server. That's enough of a problem that people tracking where their domain names that were hacked are ending up might find use in finding information here on this article about. SoftwareThing (talk) 22:48, 16 August 2018 (UTC)[reply]

@SoftwareThing: Can you explain the hack better or provide a link that talks about it in more detail? I don't understand what hackers would gain from changing people's domain names to redirect to the primary OpenDNS name server IP. --Dan Harkless (talk) 00:13, 14 August 2019 (UTC)[reply]
Krebs discussed this far better than I could In This Article Dated Feb of 2019. Once you have access to a domain name server's DNS records, you may direct web traffic to any URL you wish, and typically for modern, active web sites, victims of such hacks find out quickly, but for web sites that are "abandoned" or otherwise have very low user access / hits (aside from web crawlers for indexing services) discovering the DNS hack can take a long time.
Spammers and malware is the primary target of DNS hacks, however when a hacker can gain even temporary access to a well-used web site's DNS records, there is considerable money to be made by spoofing the web site, assuming the hacker took the time to create a web site that looks like the original.
The hacking in these latest rounds of DNS hijacks, is a trivial thing, no real hacking acumen is needed, no hard research, damn near anyone can do it -- or could; GoDaddy may have plugged that hole since this was a year ago. SoftwareThing (talk) 16:22, 14 August 2019 (UTC)[reply]

Phishing

[edit]

I'm confused about whether phishing protection is provided by openDNS by default or not. I was of the understanding (after reading this article a while back) that if you manually change the DNS server settings in your router to 208.67.222.222 and 208.67.220.220 that that would give you phishing protection by default. I did this some time back.

Today I was curious about further protection openDNS might provide and went to https://www.opendns.com/home-internet-security/ There's a table about 3/4 of the way down the page that compares the 4 different openDNS packages for home users and it seems only the Prosumer package has phishing protection.

But this page contradicts that: https://signup.opendns.com/homefree/ On that page it says that the Home Free package DOES block phishing websites. (This service is free, but you do have to create an account as opposed to just entering the openDNS servers manually into a router. By creating an account it seems that you get 50 customizable filtering categories which you don't get with the manual router method).

The first link refers to "malicious phishing" (is there such a thing as "benign phishing"?) whereas the second link refers to just "phishing".

I'm confused, can anyone explain? — Preceding unsigned comment added by 95.147.5.140 (talk) 18:49, 13 August 2019 (UTC)[reply]

Updates to DNS Over HTTPS info

[edit]

Some updates are probably needed to the DNS section to reflect info from the Cisco Umbrella blog from 2/27/2023: https://umbrella.cisco.com/blog/enhancing-support-dns-encryption-with-dns-over-https

A11ectis (talk) 13:59, 29 April 2023 (UTC)[reply]