How in the Tech

A Date with OpenDNS

By Adam Myers ⋅ August 8, 2006 ⋅ Tags: Networking, Security

Always one that hates being late to the party, I have very little excuse for missing out the latest craze, OpenDNS. Having a bit of time on my hands this past weekend, I decided to see what this little technology was all about.

Some extremely brief background information – DNS is essentially the service that translates all your www, .coms, etc into a numerical address on the Internets. This translation or lookup generally happens at your ISP level, but in a worst case scenario it may transcend a number of networks before returning an answer. With the address lookup information, only then can your PC locate and conversely load the webpage you’ve requested. That is all the ammo you need in order to judge whether OpenDNS is really anything to clamor about.

So what makes them worth talking about?

1. Phishing protection. When you attempt to load a known phishing website, OpenDNS instead redirects you to a page informing you of the very bad decision you have just made.
2. Lookup caching. Generally, you are at the mercy of your ISP’s DNS servers to provide efficient and quick address resolution. When a lookup is already cached, the server does not need to redirect your query to another DNS server and thus alleviating any prorogation delay.
3. Typo corrections. Self explanatory, if you type goggle.com or craigslist.og, you still end up where you intended to go.

After using it for a few days:

• Phishing protection works as advertised. While I’d like to think I am a little more net savvy than most, we’ve all had the case of the clickys; launching web links haphazardly and without thinking. Some of today’s scams look entirely legit, and while I believe the OpenDNS system relies on a good/bad reporting system, it still has merit.
• Lookup caching sounds great at the surface but I noticed little difference – a few milliseconds here or there is impossible to tell. Perhaps my ISP does a great job with its caching; its logical to see that a DNS server at your ISP will have less latency than another a few networks away.
• I guess I’m just an excellent typer, I didn’t come across this whatsoever. To be fair, it worked as described when I tried typing with my elbows. A part of me is concerned about having a service redirect me like this, even when the intent is good – atleast I hope it is.

So will I use this? As I’m not the only user on my home network, I think the offering has more going for it. As of this writing, I will keep using OpenDNS. The phishing protection (though not unique) makes the package attractive, mainly for its transparency and easy installation. Oh, I haven’t mentioned how to install it? For those interested, OpenDNS has a getting started page that is well done and thorough. Those of us more technically inclined can just change our network settings to point to the OpenDNS servers, 208.67.222.222 and 208.67.220.220.

The service is free and easily “installed” so there is very little reason to not to try it out and see how it goes. Your mileage may vary; godspeed.