OpenDNS As Quick-Fix To DNS Patch Dilemma
CWmike writes "It turns out that problems with the July 8 patch that was rolled out to fix a cache poisoning flaw discovered by researcher Dan Kaminsky are causing headaches for admins. Preston Gralla suggests a 30-second quick-fix, perhaps until everyone is patched up: Use OpenDNS, which has been patched, as your personal DNS. If you run a corporate network and need help getting OpenDNS set up, your best bet is to go to the OpenDNS FAQ page, he writes."
If you run a corporate network and need the FAQ page to help, you should not be running a corporate network.
Then your job should promptly be given to me.
Hush now, we're trying to advertise OpenDNS. Just use it and shut up like a good lemming.
No.
OpenDNS does terrible NX-overriding and other useless, annoying things (logins, etc.).
Instead, just use public, geo-distributed DNS servers which FOLLOW RFC and are patched. Here are the standard suggestions (Level7):
4.2.2.1 through 4.2.2.6.
These have good randomness and are multi-cast addresses for DNS servers all over the country. They are VERY fast in most areas.
supersloshy: "Come on, mom, I'm 32 years old, I can look at porn if I want to."
mom: "Not while you're living under my roof without paying rent!"
step-dad: "Besides, son, I hear it can help protect you against that dns cache poisoning that's been going on."
supersloshy: "Shut up! You're not my real dad!"
real dad: "Now supersloshy, you obey your step father, even if he does dress funny and try too hard."
supersloshy: "I hate you! I wish I'd never been born!"
Whole thing sounds kind of silly now, huh?