Jump to content

OpenDNS

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by JPWhiteFitMan (talk | contribs) at 18:55, 17 August 2008 (Services). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

OpenDNS
Company typeDNS Resolution Service
Founded2006
HeadquartersSan Francisco, California
Key people
David Ulevitch (Founder & CEO)
Number of employees
12
Websitewww.opendns.com

OpenDNS is a free, closed-source, DNS resolution service. It provides the following two recursive nameserver addresses for public use, mapped to the nearest operational server location by anycast routing:

  • 208.67.222.222 (resolver1.opendns.com)
  • 208.67.220.220 (resolver2.opendns.com)

History

OpenDNS was launched in July 2006 by hacker/entrepreneur David Ulevitch. It received venture capital funding from Minor Ventures, which is led by CNET founder Halsey Minor.

On July 10, 2006, the service was covered by digg, Slashdot, and Wired News, which resulted in an increase of DNS requests from just over one million requests on July 9 to 30 million on July 11.[citation needed]

On October 2, 2006, OpenDNS launched PhishTank, an online collaborative anti-phishing database.

In 2006, OpenDNS began using the DNS Update API from DynDNS to handle updates from users with dynamic IPs.[1]

As of August 2008, OpenDNS provides geographically distributed servers in Seattle, Palo Alto, New York, Washington, D.C., London, and Chicago.

On June 11, 2007, OpenDNS started advanced web filtering to optionally block adult content for their free accounts.

Services

OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their Internet service provider's DNS servers. By placing company servers in strategic locations and employing a large cache of the domain names, OpenDNS usually processes queries much more quickly[2], thereby increasing page retrieval speed. DNS query results are sometimes cached by the local operating system and/or applications, so this speed increase may not be noticeable with every request, but only with requests that are not stored in a local cache.

Other features include a phishing filter, domain blocking and typo correction (for example, typing wikipedia.og instead of wikipedia.org). By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service. OpenDNS recently launched Phishtank, where users around the world can submit and review suspected phishing sites.

File:OpenDNS-Blocked-page.PNG
A screenshot of a 'phishing blocked' page

OpenDNS is not, as its name might seem to imply, open source software.

OpenDNS earns a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This has the effect that if a user types a nonexistent name in a URL in a web browser, the user sees an OpenDNS search page. Advertisers pay OpenDNS to have advertisements for their sites on this page. While this behavior is similar to VeriSign's previous Site Finder, OpenDNS states that it is not the same, as OpenDNS is purely an opt-in service (compared to Site Finder's effect on the entire Internet, as VeriSign is an authoritative registry operator)[3] and that the advertising revenue pays for the customized DNS service[4]. Note that web browsers are not the only users of DNS resolution service and for any other user, this way of resolving names is at best useless, and may be worse than replying that the name does not exist, as is normal.

According to OpenDNS, it may in the future provide additional services that run on top of its enhanced DNS service, and may charge money for some of them[4].

One example of such an added service was the company's April 22, 2007 launch[5] of "shortcuts", letting users make custom DNS mappings, such as mapping "mail" to "mail.yahoo.com". This feature launch was covered by a large number of publications, including the New York Times[6], Wired[7], and PC World[8].

On May 13th, 2007, OpenDNS launched a new domain blocking service which provides the ability to block/filter web sites visited based upon categories. This provides for corporate, educational and parental control over the type of sites that are deemed appropriate by the networks owner. On August 9th, 2007 OpenDNS added the ability to override the filter through individually managed blacklists and whitelists. On February 20th, 2008 in an effort to make their domain block list current with new website additions OpenDNS changed from a closed list of blocked domains to a community driven list whereby individual OpenDNS subscribers can suggest sites for blocking. If a sufficient number of other subscribers concur with the categorization of the site it is added to the appropriate category for blocking. The threshold of votes required to add a new site to the filter has not been disclosed. Over 50 categories now exist for categorizing websites providing for fine grained control over web browsing habits.

On December 3, 2007, OpenDNS began offering DNS-O-Matic, a free service, to provide a method of sending dynamic DNS updates to several Dynamic DNS providers using DynDNS's update API.[9]

Privacy issues and covert redirection

While the OpenDNS name resolution service is free, people have complained about how the service handles failed requests. If a domain cannot be found, the service redirects you to a search page with search results and advertising provided by Yahoo.[citation needed] A DNS user can switch this off via the OpenDNS Control Panel.[citation needed]

There is also a large privacy concern about sharing your DNS requests with any third-party.[citation needed] Normally, DNS requests are handled by the ISP, which already has access to all of your data going upstream through your connection. When you use OpenDNS, the DNS requests go through this new third-party company, which logs the domain name typed, the date and time of each DNS request, and the IP address of the requestor.[10]

In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Redirector Error" software on their PCs, OpenDNS implemented this typo-correcting service: mistyped addresses would be corrected and directed to the correct address; keyword addresses would direct to OpenDNS's search page; comma-separated keywords would result in OpenDNS search results. Each would start with an unpaid link to the suggested correction.[11]

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS without the user's consent (but within the OpenDNS Terms of Service).[12] Browsers configured to omit this parameter do not get redirected and address-bar searches are sent to Google as normal.[12]. Firefox and Flock users can fix this problem by installing an extension.[13]

This redirection breaks some non-web applications (such as email spam filtering) which rely on getting an NXDOMAIN for non-existent domains.

Conflicts

Various people received a Spyware warning when trying to visit Google or perform a Google search.[1] This issue is being addressed in the official forums. [2]

Also, the service resolves certain requests to google.com, to reverse what it considers interference by what it claims is spyware installed on to certain Dell computers (an Internet Explorer toolbar that redirects mistyped domain names to Google searches). Some of the traffic is handled by OpenDNS themselves, and the rest is transparently passed through to the intended recipient[11].

Other users have found themselves unable to access secure and appropriate websites such as alternative media[citation needed].

Server locations

Current

Planned

According to their Network map, August, 2008:

See also

References