Jump to content

OpenDNS

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Melancholie (talk | contribs) at 07:34, 30 July 2009 (→‎Servers: let's do it like this, it took me forever to click on the reference quite a bit above/before). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

OpenDNS
Company typeDNS Resolution Service
Founded2005
HeadquartersSan Francisco, California
Key people
Nand Mulchandani (CEO) David Ulevitch (Founder & CTO)
Number of employees
20
Websitewww.opendns.com

OpenDNS is a free DNS (Domain Name System) resolution service.

Services

OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their Internet service provider's DNS servers. By placing company servers in strategic locations and employing a large cache of the domain names, OpenDNS usually processes queries much more quickly,[1] thereby increasing page retrieval speed. DNS query results are sometimes cached by the local operating system and/or applications, so this speed increase may not be noticeable with every request, but only with requests that are not stored in a local cache.

Other features include a phishing filter, domain blocking and typo correction (for example, typing "wikipedia.og" instead of "wikipedia.org"). By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service. OpenDNS also launched PhishTank, where users around the world can submit and review suspected phishing sites.

File:OpenDNS-Blocked-page.PNG
A screenshot of a 'phishing blocked' page

OpenDNS is not open source software, but instead refers to the DNS concept of being open, where queries from any source are accepted.

OpenDNS earns a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This has the effect that if a user types a nonexistent name in a URL in a web browser, the user sees an OpenDNS search page. Advertisers pay OpenDNS to have advertisements for their sites on this page. While this behavior is similar to VeriSign's previous Site Finder or the redirects many ISP's are placing on their own DNS servers, OpenDNS states that it is not the same, as OpenDNS is purely an opt-in service (compared to Site Finder's effect on the entire Internet, as VeriSign is an authoritative registry operator)[2] and that the advertising revenue pays for the customized DNS service.[3] Note that web browsers are not the only users of DNS resolution service and for any other user, this way of resolving names is at best useless, and may be worse than replying that the name does not exist, as is normal.

According to OpenDNS, it may in the future provide additional services that run on top of its enhanced DNS service, and may charge money for some of them.[3]

One example of such an added service was the company's April 22, 2007 launch of "shortcuts",[4] letting users make custom DNS mappings, such as mapping "mail" to "mail.yahoo.com". This feature launch was covered by a large number of publications, including the New York Times,[5] Wired,[6] and PC World.[7]

On May 13, 2007, OpenDNS launched a new domain blocking service which provides the ability to block/filter web sites visited based upon categories. This provides for corporate, educational and parental control over the type of sites that are deemed appropriate by the networks owner. On August 9, 2007 OpenDNS added the ability to override the filter through individually managed blacklists and whitelists. On February 20, 2008 in an effort to make their domain block list current with new website additions OpenDNS changed from a closed list of blocked domains to a community driven list whereby individual OpenDNS subscribers can suggest sites for blocking. If a sufficient number of other subscribers concur with the categorization of the site it is added to the appropriate category for blocking. The threshold of votes required to add a new site to the filter has not been disclosed. Over 50 categories now exist for categorizing websites providing for fine grained control over web browsing habits.

On December 3, 2007, OpenDNS began offering DNS-O-Matic, a free service, to provide a method of sending dynamic DNS updates to several Dynamic DNS providers using DynDNS's update API.[8]

History

  • Before 2007 OpenDNS was using the DNS Update API from DynDNS to handle updates from users with dynamic IPs.[9]
  • On November 5 2008, Nand Mulchandani, former head of VMware's security group, left VMware to join OpenDNS as new CEO, replacing founder David Ulevitch, who will remain as the company's chief technology officer.[10]

Servers

OpenDNS provides the following recursive nameserver addresses[11] for public use, mapped to the nearest operational server location by anycast routing:

  • 208.67.222.222 (resolver1.opendns.com)
  • 208.67.220.220 (resolver2.opendns.com)
  • 208.67.222.220 [11]
  • 208.67.220.222 [11]

Privacy issues, conflicts and covert redirection

While the OpenDNS name resolution service is free, people have complained about how the service handles failed requests. If a domain cannot be found, the service redirects you to a search page with search results and advertising provided by Yahoo. A DNS user can switch this off via the OpenDNS Control Panel. This behavior is similar to that of many large ISP's who also redirect failed requests to their own servers containing advertising.

In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Error Redirector" software on their PCs, OpenDNS started resolving requests to Google.com. Some of the traffic is handled by OpenDNS typo-correcting service which corrects mistyped addresses and redirects keyword addresses to OpenDNS's search page; while the rest is transparently passed through to the intended recipient.[12]

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS without the user's consent (but within the OpenDNS Terms of Service).[13] Users can disable this behavior by logging in to their OpenDNS account and unchecking "OpenDNS proxy" option.[14] Additionally, Mozilla users can fix this problem by installing an extension[15] or by simply changing or removing the navclient sourceid from their keyword search URLs.

This redirection breaks some non-web applications which rely on getting an NXDOMAIN for non-existent domains, such as e-mail spam filtering, or VPN access where the private network's nameservers are consulted only when the public ones fail to resolve.

Server locations

Current

Planned

Map of server locations

See also

References

  1. ^ Neowin.net - OpenDNS: What's Your Take?
  2. ^ OpenDNS knowledge base: OpenDNS is not like Site Finder
  3. ^ a b OpenDNS knowledge base: How does OpenDNS make money?
  4. ^ OpenDNS Blog, shortcut the web
  5. ^ NYT, A shortcut to your web destination
  6. ^ Wired, OpenDNS offers keyword browsing shortcuts
  7. ^ PCworld, OpenDNS adds browser shortcuts to free service
  8. ^ OpenDNS Announces DNS-O-Matic: Free Service to Simplify Residential ISP and Small Businesses' Dynamic DNS Service
  9. ^ OpenDNS > Support > Knowledge Base > Dynamic IP: General Info
  10. ^ VMware security chief leaves to run OpenDNS
  11. ^ a b c http://www.opendns.com/support/article/197
  12. ^ David Ulevitch. OpenDNS Blog » Google turns the page… in a bad way. May 22, 2007. last accessed 2008-07-04
  13. ^ Amit Agarwal. Prevent OpenDNS from Redirecting Google Search Queries, March 21, 2008, Digital Inspiration. labnol.org. last accessed 2008-07-04
  14. ^ Is OpenDNS running a proxy?
  15. ^ I'm Feeling Lucky Problem Fix for OpenDNS users, July 3, 2008.
  16. ^ http://blog.opendns.com/2009/06/17/14-billion-dns-requests/
Retrieved from "https://en.wikipedia.org/w/index.php?title=OpenDNS&oldid=305032542"