OpenDNS As Quick-Fix To DNS Patch Dilemma

CWmike writes "It turns out that problems with the July 8 patch that was rolled out to fix a cache poisoning flaw discovered by researcher Dan Kaminsky are causing headaches for admins. Preston Gralla suggests a 30-second quick-fix, perhaps until everyone is patched up: Use OpenDNS, which has been patched, as your personal DNS. If you run a corporate network and need help getting OpenDNS set up, your best bet is to go to the OpenDNS FAQ page, he writes."

Does Slashdot really need Computer World ads?

[duplicate-nickname]

Seriously, this solution has been posted in response to every DNS article on Slashdot this past month and has been mentioned by just about every article talking about the issue.

Does Slashdot really need to post links to Computer World that rehash was has been discussed 100 times already?

Re:If you run a corporate network

[lazlo]

Unless someone already hacked your DNS server and are serving you a fake OpenDNS page that points to their own server...

Good point. Try this: https://www.opendns.com/. If your browser doesn't complain about a mis-matched certificate, then either you're going to the OpenDNS servers, or whoever's hacked your upstream DNS server has either hacked your list of trusted root CA certificates, or has hacked Thawte's private key. If either of those latter is true, you're pretty much screwed, DNS flaw or not.