OpenDNS

From Wikipedia, the free encyclopedia
  (Redirected from Opendns)
Jump to: navigation, search
OpenDNS
Type DNS Resolution Service
Founded 2005
Headquarters San Francisco, California
Key people David Ulevitch (Founder & CEO)
Employees 100+
Website OpenDNS.com

OpenDNS is a company and service which extends the Domain Name System (DNS) by adding features such as misspelling correction, phishing protection, and optional content filtering.

The company hosts a cloud computing security service, Umbrella, designed to protect enterprise customers from malware, botnets and phishing while online. The OpenDNS Global Network processes an estimated 50 billion DNS queries daily from 50 million active users connected to the service through 20 data centers worldwide.[1]

Previously It provided an ad-supported service[2] "showing relevant ads when we [show] search results" and a paid advertisement-free service.[a]

Services[edit]

The name OpenDNS refers to the DNS concept of being open, where queries from any source are accepted. It is not related to open source software; the service is based on closed-source software.[4]

DNS[edit]

OpenDNS offers DNS resolution as an alternative to using Internet service providers' DNS servers. OpenDNS has adopted and supports DNSCurve.[5]

OpenDNS provides the following recursive nameserver addresses[6] for public use, mapped to the nearest operational server location by anycast routing:

  • 208.67.222.222 (resolver1.opendns.com)
  • 208.67.220.220 (resolver2.opendns.com)
  • 208.67.222.220 [6]
  • 208.67.220.222 [6]
IPv6 addresses (experimental)[7]
  • 2620:0:ccc::2
  • 2620:0:ccd::2

Other features include a phishing filter, domain blocking and typo correction (for example, typing "example.og" instead of "example.org"). OpenDNS maintains a list of malicious sites and blocks access to them when a user tries to access them through their service. OpenDNS also run a service called PhishTank for users to submit and review suspected phishing sites.

As of March 2010 OpenDNS said that it handled over 20 billion DNS requests daily, with over 26 billion delivered on 21 April 2010.[8]

OpenDNS may have negligible performance gain,[9] but may process queries more quickly than an ISP with slow DNS servers.[10] DNS query results are sometimes cached by routers (e.g. typically local ISPs queries may be cached by ISPs home routers), the local operating system or applications, so differences in speed may not be noticeable with every request but only with requests that are not stored in a local cache.

DNS services[edit]

On May 13, 2007, OpenDNS launched a domain-blocking service to block or filter web sites visited based upon categories, allowing control over the type of sites that may be accessed. The filters can be overridden through individually managed blacklists and whitelists. In 2008 OpenDNS changed from a closed list of blocked domains to a community-driven list allowing subscribers to suggest sites for blocking; if enough subscribers (the number has not been disclosed) concur with the categorization of the site it is added to the appropriate category for blocking. As of 2011 there were over 50 categories. The basic OpenDNS service does not require users to register, but using the block/filter feature requires registering and logging in.[11]

OpenDNS also provides the following recursive nameserver addresses as part of their FamilyShield[12] parental controls which block pornography, proxy servers, phishing sites and some malware:[13]

  • 208.67.222.123
  • 208.67.220.123

OpenDNS supports the DNSCrypt protocol, which authenticates DNS traffic between the user's computer and the name servers.[14]

In December, 2007, OpenDNS began offering the free DNS-O-Matic[15] service to provide a method of sending dynamic DNS (DDNS) updates to several DDNS providers using DynDNS's update API.[16] In October 2009, OpenDNS launched premium services. For a charge, the service offers ad-free result pages, increased reporting and block features, and other services.

Umbrella[edit]

On November 13, 2012 OpenDNS launched its enterprise security brand Umbrella. Umbrella[17] is designed to extend security to nomadic workers who roam beyond the corporate network using mobile devices such as iPhones, iPads, Windows and Mac laptops, and provide granular network security for distributed offices, retail locations and Wi-Fi hotspots. IT administrators can use its cloud-based management dashboard to define policies, provision devices, and view reports across users, sites, networks, groups, and devices.

History[edit]

In July 2006, OpenDNS was launched by computer scientist and entrepreneur David Ulevitch, providing recursive DNS resolution to homes, schools, and businesses. It received venture capital funding from Minor Ventures, which is led by CNET founder Halsey Minor. In October 2006, OpenDNS launched PhishTank, an online collaborative anti-phishing database. Before 2007, OpenDNS was using the DNS Update API from DynDNS to handle updates from users with dynamic IPs.[18] In June 2007, OpenDNS started advanced web filtering to optionally block adult content for their free accounts. Nand Mulchandani, former head of VMware's security group, left VMware to join OpenDNS as new CEO in November 2008, replacing founder David Ulevitch, who remained as the company's chief technology officer.[19] David Ulevitch resumed his post as CEO of OpenDNS in late 2009.[20]

OpenDNS was funded by Sequoia Capital and Greylock in July 2009.[21] In June 2010 OpenDNS launched "FamilyShield", a service designed to filter out sites with pornographic content. The service uses the DNS addresses 208.67.222.123 and 208.67.220.123.[22] The World Economic Forum announced the company as a Technology Pioneer for 2011.[23] In March 2012, Dan Hubbard, former CTO at Websense, joined OpenDNS as CTO.[24] The OpenDNS Security Labs were founded in December 2012, serving as a hub for research at the company. OpenDNS launched Security Graph, a security intelligence and threat detection engine in February 2013, followed by a Series B[25] funding round. In May 2014, OpenDNS announced a Series C funding round totaling $35M[26], with new investors Northgate Capital, Mohr Davidow Ventures, Lumia Capital, Evolution Equity Partners, Cisco, Glynn Capital Management, and Sutter Hill Ventures, as well as previous backers Greylock Partners and Sequoia Capital.

Discontinued Advertising[edit]

OpenDNS previously earned a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This had the effect that if a user typed a non-existent name in a URL in a web browser, the user saw an OpenDNS search page. Advertisers paid OpenDNS to have advertisements for their sites on this page. This behavior is similar to VeriSign's previous Site Finder or the redirects many ISP's place on their own DNS servers.[27] OpenDNS said that the advertising revenue paid for the free customized DNS service.[28] As of June 6th 2014, it has been discontinued.[3]

OpenDNS said they discontinued the advertising because of their move towards a security focus in their business.[3]

Reception[edit]

In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Error Redirector" software on their PCs, OpenDNS started resolving requests to Google.com. Some of the traffic is handled by OpenDNS typo-correcting service which corrects mistyped addresses and redirects keyword addresses to OpenDNS's search page, while the rest is transparently passed through to the intended recipient.[29]

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS (which is within the OpenDNS Terms of Service).[30] Users can disable this behavior by logging in to their OpenDNS account and unchecking "OpenDNS proxy" option.[31] Additionally, Mozilla users can fix this problem by installing an extension[32] or by simply changing or removing the navclient sourceid from their keyword search URLs.

This redirection breaks some non-Web applications that rely on getting an NXDOMAIN response for non-existent domains, such as e-mail spam filtering, or VPN access where the private network's nameservers are consulted only when the public ones fail to resolve. Breaking local name resolution can be avoided by configuring the DNS addresses only in the forwarders of the local DNS server or router (the WAN/Internet configuration of a router or other gateway). For other purposes, or when the DNS addresses cannot be configured in a forwarder, domains for which an NXDOMAIN response is expected should be added to the Exceptions for VPN Users section of the OpenDNS Dashboard.

See also[edit]


Notes[edit]

  1. ^ No more ads as of June 6th 2014[3]

References[edit]

  1. ^ "Open DNS System - current status of servers". Retrieved 2013-01-18. 
  2. ^ July 26, 2007 (2007-07-26). "OpenDNS is a free, ad-based service". Pcmag.com. Retrieved 2011-08-21. 
  3. ^ a b c Keizer, Gregg. "OpenDNS to yank ads from its free consumer services". Computerworld. Retrieved 8 September 2014. 
  4. ^ OpenDNS | 0x80
  5. ^ "OpenDNS adopts DNSCurve, official OpenDNS blog entry". Blog.opendns.com. Retrieved 2011-08-21. 
  6. ^ a b c "OpenDNS > Support > Knowledge Base > Additional (3rd and 4th) OpenDNS Addresses". OpenDNS. Retrieved 2011-09-21. 
  7. ^ OpenDNS IPv6 Sandbox
  8. ^ "OpenDNS stats". OpenDNS. 2012-02-17. Retrieved 2012-02-19. 
  9. ^ "OpenDNS Review & Rating PCMag.com". pcmag.com. 2007-07-26. Retrieved 2012-02-20. 
  10. ^ "OpenDNS: What's Your Take?". Neowin.net. 2007-03-13. Retrieved 2010-04-20. 
  11. ^ "How to Protect your Kids Online using OpenDNS". PCTechNotes. 2009-03-17. Retrieved 2011-08-22. 
  12. ^ "OpenDNS Parental Controls". OpenDNS. Retrieved 2011-11-08. 
  13. ^ Family Shield Setup
  14. ^ "DNSCrypt A protocol for securing communications between a client and a DNS resolver". www.dnscrypt.org. 2014-08-19. Retrieved 2014-08-19. 
  15. ^ DNS-O-Matic
  16. ^ "OpenDNS Announces DNS-O-Matic: Free Service to Simplify Residential ISP and Small Businesses' Dynamic DNS Service". Prweb.com. Retrieved 2010-04-20. 
  17. ^ Umbrella
  18. ^ "Dynamic IP: General Info". OpenDNS. Retrieved 2010-04-20. 
  19. ^ "VMware security chief leaves to run OpenDNS". Computerworld.com.au. 2008-11-21. Retrieved 2010-04-20. 
  20. ^ Frommer, Dan. "OpenDNS Founder David Ulevitch Takes Back Reins As CEO". Business Insider. Retrieved 8 September 2014. 
  21. ^ Arrington, Michael. "Sequoia, Greylock Take Stake In OpenDNS", TechCrunch, July 7, 2009, accessed February 4, 2011.
  22. ^ "Introducing FamilyShield Parental Controls". OpenDNS. 2010-06-23. Retrieved 2010-09-19. 
  23. ^ Thirty-One Visionary Companies Selected as Technology Pioneers 2011
  24. ^ "OpenDNS hires Websense CTO to guide enterprise DNS security services". TechTarget. 2012-03-02. 
  25. ^ "CrunchBase OpenDNS Series B Round". CrunchBase. 2013-02-20. 
  26. ^ "CrunchBase OpenDNS Series C Round". CrunchBase. 2014-05-14. 
  27. ^ "OpenDNS knowledge base: OpenDNS is not like Site Finder". Opendns.com. Archived from the original on March 29, 2010. Retrieved 2010-04-20. 
  28. ^ "OpenDNS knowledge base: How does OpenDNS make money?". Opendns.com. April 21, 2010. Archived from the original on 2011-06-06. 
  29. ^ David Ulevitch. OpenDNS Blog » Google turns the page... in a bad way. May 22, 2007. Retrieved 2008-07-04.
  30. ^ Amit Agarwal Prevent OpenDNS from Redirecting Google Search Queries, March 21, 2008, Digital Inspiration. labnol.org. Retrieved 2008-07-04.
  31. ^ "Is OpenDNS running a proxy?". Opendns.com. 2009-03-17. Retrieved 2011-10-09. 
  32. ^ I'm Feeling Lucky Problem Fix for OpenDNS users, July 3, 2008.

External links[edit]