Open DNS

2 minute read

OpenDNS is a custom DNS server that you can use instead of using your IPS’s DNS server. It checks any address that you lookup against its own list of bad sites (phishing scams, and other things) and redirects you accordingly. It also provides a simple way of enabling/disabling blocking of adult websites.

It often used in schools and big office networks because it allows you to enter in your own black list of sites to block such as YouTube, MySpace and Facebook. (Note: If your school or work blocks MySpace, Facebook, or YouTube, you might be able to regain access by changing your DNS address to different public DNS server or use a public proxy) It also provides trending stats on what web pages are visited most, how often, how how long each visit was. (Great for network techs)

A side effect of letting you black list domains is that it lets you disable most ad network, by disabling the DNS look up of there domain. (great for people that hate ads)

The service is great, lots of features, flexibility, its free and easy to use. I will probably install on my parents computer BUT!

How does OpenDNS make money? OpenDNS makes money by offering clearly labeled advertisements alongside organic search results when the domain entered is not valid and not a typo we can fix. OpenDNS will provide additional services on top of its enhanced DNS service, and some of them may cost money. Speedy, reliable DNS will always be free.

When you type in a bad domain instead of returning “domain not found” error message it forwards you to a search page with ads on it, this is how they pay for this service. A lot of my applications that I write rely on this “domain not found” error message. I been getting an increase in the amount of support calls from people that are use this service and because it disables the 404 error and my free utilities. I now have to update some my utilities to support DNS servers that don’t support “domain not found” error message.

Great service but it has one fatal flaw, it tried to make money.

The OpenDNS Name Servers are 208.67.222.222 and 208.67.220.220.


Update: John Roberts from OpenDNS contacted me via comment asking me for more details on this problem. I’m always impressed when support staff search the internet for reviews, questions and comments about there products.I have included two Wireshark log files nonopendns.txt, opendns.txtIn the first file nonOpenDNS log in frame#2 in the DNS section it read

Flags: 0x8183 (Standard query response, No such name)

In the second file the OpenDNS log in frame #3 in the DNS section it reads

Flags: 0x8180 (Standard query response, No error) Answers xxxxxxxxxxnothere.com: type A, class IN, addr 208.67.217.130

The open DNS server redirected the response from a dead address, my utilities can not longer find out if a domain is valid or not and no longer work. I’m in the process of creating a work around and it shouldn’t be too hard.

I should also mention that I am by no means an expert at DNS stuff. Most of knowledge comes from hacking together what I needed when I needed it.

Leave a comment