[LINK] OpenDNS?

stephen at melbpc.org.au stephen at melbpc.org.au
Sat Dec 21 15:12:11 AEDT 2013 

Just wondering, would the Link networking folk here recommend changing to
and so utilizing the OpenDNS address as our first port of call for all our 
net connectivity? Eg changing settings to: 208.67.222.222 & 208.67.220.220?

For example, how to do this: https://store.opendns.com/start

And, a recent (basic) OpenDNS Blog Promo ..


"Speed, Security, and Safety Through DNS"

By Philip Thomas, December 11, 2013  http://blog.opendns.com

The Domain Name System, or DNS, serves as the core of all work at OpenDNS. 

It lets us connect 50 million people a day to the Internet with our free 
home DNS service, predict malware outbreaks in the OpenDNS Security Labs, 
and provide scalable security enforcement and Umbrella threat protection. 

How does an Internet protocol invented 30 years ago serve so many purposes? 

In this post, I’ll be taking an in-depth look at DNS – what it is, what 
makes it work, and how we use it to safely connect people to the Internet 
anywhere and anytime.

What is DNS?

DNS is the address book of the Internet. Computers identify themselves with 
an “Internet Protocol Address,” or an IP address. When you connect to 
websites, they also have an IP address. 

For example, the IP of the OpenDNS website is 67.215.92.219. When you 
connect to this site, the address bar on your browser doesn’t show 
67.215.92.219 – it shows blog.opendns.com – but if you type our IP address 
into your address bar, you still get to our website!

In that example, blog.opendns.com and opendns.com are domain names. They 
were invented by early Internet researchers so that they could avoid 
remembering long IP addresses – instead, they created more human-friendly 
names, like opendns.com.

When you type opendns.com, you still connect to our server. This is because 
your computer looks up opendns.com to find the IP address that it connects 
to. Your computer initiates about a thousand DNS queries every single day – 
websites, software updates, and even phone apps rely on the service. 

There are too many sites on the Internet for each computer to keep a 
complete list, so DNS servers act as an address book when computers look up 
domains.

That’s the basic premise of DNS – when you want to connect to a website or 
other application server, it tells your computer which address to connect 
to.

Whose DNS am I using?

There are tens of thousands of recursive and authoritative DNS servers in 
the world. If you have never tinkered with DNS in the past, you probably 
use the recursive DNS servers of whoever provides your Internet. At your 
house, this may be a cable company. On your phone, it is your cellular 
provider. At the coffee shop down the street, it’s their Internet Service 
Provider.

Not all DNS services are created equally. If the recursive DNS service you 
use breaks, you cannot connect to websites. If the DNS service you use is 
slow, then your connection to websites will be slow. If your DNS servers 
are not up-to-date, then you may not be able to connect correctly to 
websites.

OpenDNS started its DNS service to provide everybody with the most 
reliable, safest, smartest, and fastest Internet connectivity in the world. 

If you want to take control of your DNS, learn how to set up OpenDNS on 
your devices. You can always check whether you are using OpenDNS by 
visiting welcome.opendns.com.

How can DNS be used to find malware?

With 50 billion DNS lookups going through the OpenDNS Global Network every 
day, we have a window into the Internet. In our mission to connect the 
world with confidence, we formed OpenDNS Security Labs to predict emerging 
threats by analyzing how attackers leverage criminal infrastructures on the 
Internet to launch attacks.

Our Security Labs team has access to all the data our global network 
acquires, and they use it to examine how the whole Internet works and 
changes. Bad things like malware, spyware, phishing, and other scams rely 
on DNS, so we utilize the power of Big Data to search for, identify or even 
predict these malicious domains.

The results of the research can be pretty beautiful. With machine-learning 
systems, the OpenDNS Security Labs can predict the behavior of malware and 
botnets before attacks happen. The result of this data and research is a 
product called the OpenDNS Security Graph. It’s basically a contextual 
search engine for the infrastructure of the Internet. Searching for 
domains, IP addresses, or other routing protocols shows the OpenDNS 
Security Labs prediction of whether a site is good or bad.

How can DNS stop me from connecting to malware?

By combining DNS and Security Graph, OpenDNS released Umbrella – a full 
security enforcement solution in the cloud. Umbrella makes the “address 
book” of DNS smarter–when Umbrella customers look up a domain like 
opendns.com, our DNS servers add in one extra step. The DNS service checks 
where you want to go in Security Graph – in this example, opendns.com – to 
see if the domain and the address you want are both safe. If they are, the 
service gives you the correct address, and your Internet browsing continues 
with the same speed as normal DNS.

However, if Security Graph has flagged the domain or the address as 
malicious, Umbrella stops you from connecting by redirecting you to a block 
page indicating that the site is unsafe. Umbrella takes the address book of 
the Internet and cuts out the bad parts so that your computer cannot even 
find the addresses of harmful servers.

The best part about Umbrella is that it is built into the OpenDNS Global 
Network, with data centers around the world. You do not have to install 
anything – setting up Umbrella for your business can be as easy as setting 
up the OpenDNS home service.

What is the future of DNS-based security?

Some websites on the Internet are good, but host bad things. For example, 
file-sharing websites or blog services are sometimes misused for malicious 
activities. To address this, Umbrella now offers the Intelligent Proxy.
Proxying works like a guarded door–it lets most things through, but if the 
guard sees something bad coming, it shuts the door to protect you. With the 
Intelligent Proxy, when your computer makes a DNS query for a site that 
sometimes hosts bad content, the Intelligent Proxy kicks in to protect you. 

Instead of returning the correct address of the website, the DNS server 
returns the address of the Intelligent Proxy, where OpenDNS security 
software can take a deeper look at everything.

While browsing the Internet, you will never realize that this extra level 
of security is protecting you–your computer thinks the address of 
Intelligent Proxy is the website it wants, so it behaves normally.

Conclusion

DNS makes the Internet work. After reading this primer, you should have a 
better idea of how that’s accomplished, and how that technology can be 
applied to security. Although we rarely think about it, this quiet protocol 
controls our access to the Internet, making it important in our everday 
security. OpenDNS has been delivering reliable and safe DNS to millions of 
people around the world for seven years, with zero downtime, which is 
almost as incredible as DNS itself. So if you’d like to be part of the 
OpenDNS family, simply click this link to get started! http://blog.opendns.com
 

Message sent using MelbPC WebMail Server

More information about the Link mailing list