OpenDNS

From Wikipedia, the free encyclopedia

Jump to: navigation, search
 This article may require cleanup to meet Wikipedia's quality standards. Please improve this article if you can. (December 2008)
OpenDNS
Type DNS Resolution Service
Founded 2005
Headquarters San Francisco, California
Key people Nand Mulchandani (CEO) David Ulevitch (Founder & CTO)
Employees 20
Website www.opendns.com

OpenDNS is a free DNS (Domain Name System) resolution service.

Contents

[edit] Services

OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their Internet service provider's DNS servers. By placing company servers in strategic locations and employing a large cache of the domain names, OpenDNS usually processes queries much more quickly[1], thereby increasing page retrieval speed. DNS query results are sometimes cached by the local operating system and/or applications, so this speed increase may not be noticeable with every request, but only with requests that are not stored in a local cache.

Other features include a phishing filter, domain blocking and typo correction (for example, typing wikipedia.og instead of wikipedia.org). By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service. OpenDNS recently launched Phishtank, where users around the world can submit and review suspected phishing sites.

A screenshot of a 'phishing blocked' page

OpenDNS is not, as its name might seem to imply, open source software.

OpenDNS earns a portion of its revenue by resolving a domain name to an OpenDNS server when the name is not otherwise defined in DNS. This has the effect that if a user types a nonexistent name in a URL in a web browser, the user sees an OpenDNS search page. Advertisers pay OpenDNS to have advertisements for their sites on this page. While this behavior is similar to VeriSign's previous Site Finder or the redirects many ISP's are placing on their own DNS servers, OpenDNS states that it is not the same, as OpenDNS is purely an opt-in service (compared to Site Finder's effect on the entire Internet, as VeriSign is an authoritative registry operator)[2] and that the advertising revenue pays for the customized DNS service[3]. Note that web browsers are not the only users of DNS resolution service and for any other user, this way of resolving names is at best useless, and may be worse than replying that the name does not exist, as is normal.

According to OpenDNS, it may in the future provide additional services that run on top of its enhanced DNS service, and may charge money for some of them[3].

One example of such an added service was the company's April 22, 2007 launch[4] of "shortcuts", letting users make custom DNS mappings, such as mapping "mail" to "mail.yahoo.com". This feature launch was covered by a large number of publications, including the New York Times[5], Wired[6], and PC World[7].

On May 13, 2007, OpenDNS launched a new domain blocking service which provides the ability to block/filter web sites visited based upon categories. This provides for corporate, educational and parental control over the type of sites that are deemed appropriate by the networks owner. On August 9, 2007 OpenDNS added the ability to override the filter through individually managed blacklists and whitelists. On February 20, 2008 in an effort to make their domain block list current with new website additions OpenDNS changed from a closed list of blocked domains to a community driven list whereby individual OpenDNS subscribers can suggest sites for blocking. If a sufficient number of other subscribers concur with the categorization of the site it is added to the appropriate category for blocking. The threshold of votes required to add a new site to the filter has not been disclosed. Over 50 categories now exist for categorizing websites providing for fine grained control over web browsing habits.

On December 3, 2007, OpenDNS began offering DNS-O-Matic, a free service, to provide a method of sending dynamic DNS updates to several Dynamic DNS providers using DynDNS's update API.[8]

[edit] History

  • Before 2007 OpenDNS was using the DNS Update API from DynDNS to handle updates from users with dynamic IPs.[9]
  • On November 5, 2008, Nand Mulchandani, former head of VMware's security group, left VMware to join OpenDNS as new CEO, replacing founder David Ulevitch, who will remain as the company's chief technology officer.[10]

[edit] Servers

OpenDNS provides the following recursive nameserver addresses for public use, mapped to the nearest operational server location by anycast routing:

  • 208.67.222.222 (resolver1.opendns.com)
  • 208.67.220.220 (resolver2.opendns.com)
  • 208.67.222.220
  • 208.67.220.222

[edit] Privacy issues, conflicts and covert redirection

While the OpenDNS name resolution service is free, people have complained about how the service handles failed requests. If a domain cannot be found, the service redirects you to a search page with search results and advertising provided by Yahoo. A DNS user can switch this off via the OpenDNS Control Panel. This behavior is similar to that of many large ISP's who also redirect failed requests to their own servers containing advertising, the difference being that OpenDNS is an opt-out service whereas the ISP service doesn't provide the option.[citation needed]

In 2007, David Ulevitch explained that in response to Dell installing "Browser Address Redirector Error" software on their PCs, OpenDNS started resolving requests to Google.com. Some of the traffic is handled by OpenDNS typo-correcting service who corrects mistyped addresses and redirects keyword addresses to OpenDNS's search page; while the rest is transparently passed through to the intended recipient.[11]

Also, a user's search request from the address bar of a browser that is configured to use the Google search engine (with a certain parameter configured) may be covertly redirected to a server owned by OpenDNS without the user's consent (but within the OpenDNS Terms of Service).[12] Firefox and Flock users can fix this problem by installing an extension.[13] Additionally, whoever has an account can disable this functionality by logging in to their OpenDNS account and unchecking "OpenDNS proxy" option.[14]

This redirection breaks some non-web applications which rely on getting an NXDOMAIN for non-existent domains, such as e-mail spam filtering, or VPN access where the private network's nameservers are consulted only when the public ones fail to resolve.

[edit] Server locations

[edit] Current

[edit] See also

[edit] References

  1. ^ Neowin.net - OpenDNS: What's Your Take?
  2. ^ OpenDNS knowledge base: OpenDNS is not like Site Finder
  3. ^ a b OpenDNS knowledge base: How does OpenDNS make money?
  4. ^ OpenDNS Blog, shortcut the web
  5. ^ NYT, A shortcut to your web destination
  6. ^ Wired, OpenDNS offers keyword browsing shortcuts
  7. ^ PCworld, OpenDNS adds browser shortcuts to free service
  8. ^ OpenDNS Announces DNS-O-Matic: Free Service to Simplify Residential ISP and Small Businesses' Dynamic DNS Service
  9. ^ OpenDNS > Support > Knowledge Base > Dynamic IP: General Info
  10. ^ VMware security chief leaves to run OpenDNS
  11. ^ David Ulevitch. OpenDNS Blog » Google turns the page… in a bad way. May 22, 2007. last accessed 2008-07-04
  12. ^ Amit Agarwal. Prevent OpenDNS from Redirecting Google Search Queries, March 21, 2008, Digital Inspiration. labnol.org. last accessed 2008-07-04
  13. ^ I'm Feeling Lucky Problem Fix for OpenDNS users, July 3, 2008.
  14. ^ Is OpenDNS running a proxy?

[edit] External links

Retrieved from "http://en.wikipedia.org/wiki/OpenDNS"
Personal tools