Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenDNS To Block and Monitor Conficker Worm

Posted by Soulskill on from the no-phone-home dept.

Linker3000 writes "According to The Register, OpenDNS plans to introduce an new service that will prevent PCs infected with the Conficker (aka Downadup) malware from contacting its control servers, and will also make it easy for admins to know if even a single machine under their control has been infected by Conficker: 'Starting Monday, any networks with PCs that try to connect to the Conficker addresses will be flagged on an admin's private statistics page. The service is available for free to both businesses and home users.' With the amount of trouble this worm has caused, perhaps this is a good time to take a look at OpenDNS if you haven't done so already."

6 of 175 comments (clear)

  1. OpenDNS by Anonymous Coward · · Score: 5, Informative

    OpenDNS redirects www.google.com to OpenDNS servers.

  2. Re:Do not use OpenDNS by Anonymous Coward · · Score: 5, Informative

    They make money by monitoring your habits. Can any one tell me how they pay their CDN and caching servers bills for millions and millions queries everyday? They sale your private info.

    OpenDNS redirects all your Google search queries though their servers.

    They redirect web browser users or scripts accessing nonexistent domains to a page containing sponsored search results, ads, and a search form. The DNS protocol requires that a query for a nonexistent domain must return the "NXDOMAIN" error response.

  3. Re:I just found out about this. by Anonymous Coward · · Score: 5, Interesting

    You're giving another entity access to all your DNS lookups and your computer won't talk to Google's servers anymore when you connect to www.google.com, but to a company which isn't very upfront about this redirection. Whether that's an advantage or a drawback is up to you.

  4. Re:Do not use OpenDNS by fprintf · · Score: 5, Informative

    You can turn this feature off. http://www.opendns.com/support/article/244 is their response to questions about privacy.

    For those that have OpenDNS running, you go to Settings, Advanced and then at the bottom there is the Network Shortcuts section. Uncheck the box "Enable OpenDNS Proxy".

    I have the service and I am quite happy to trade a little privacy for the content filtering done by someone else, without requiring any software installs or any maintenance of IPTables or anything else on my part. It is passive safety, I know, but gives some peace of mind with a teenager who knows his way around computers. It blocks proxies too. If there is an alternative, I'd love to read about it.

    --
    This post brought to you by your friendly neighborhood MBA.
  5. Re:Aren't ISP's, Etc., Selling Data, Too? by Antique+Geekmeister · · Score: 5, Informative

    It could be worse. Does anyone else here remember the 'Site Finder' chaos, when Verisign returned their own sales website domain for all nonexistent .com addresses? As the managers of .com, their behavior screwed up network monitoring tools worldwide, and misdirected huge amounts of misaddressed email to their servers, without warning. Patches were quickly released for every major DNS software package to block it, which is probably the real reason it got dropped: having every DNS server in the world used to the idea that 'I can block the behavior of idiots' is very, very bad for companies like Verisign that have repeatedly misused their position of trust against third parties.

  6. Re:Do not use OpenDNS by davidu · · Score: 5, Informative

    I'm the founder of OpenDNS. I've decided to reply even though these comments are heinously wrong, and probably just me feeding the trolls...

    We have never sold user data, ever. We also have no CDN bills, we don't even use a CDN. We've built a global BGP-speaking network with hundreds of peers around the world. I know, because I built it. We peer at LoNAP, LINX, PAIX, SeattleIX and on a few of the Equinix peering fabrics around the US.

    The idea that we would build our business based on monitoring user data is preposterous. I wouldn't stand for it, nor would our employees. I'm confident that all our engineers are just as vocal or more vocal about doing the right thing than you are. We make it very clear how we make money, and it's all over our website. Go to http://guide.opendns.com and do a search. The sponsored results are ads where we get paid, the organic results are regular search results. That's how we make money. We might offer an enterprise for-pay service down the road as some of our customers begin to demand tighter integration with their network but for now, we're happy with our business. And I'm happy to report that we're profitable and stable, even in this economy.

    And as to the OpenDNS proxy. It's true, we do redirect certain Google requests through a proxy so that we can make our OpenDNS shortcuts and some other features work more reliably. Two important things here: First, we peer with Google at every datacenter, so we aren't adding to your latency or anything else. Second, we don't log and store any data and we certainly don't care about it. We prefer to be able to confidently say we aren't keeping data on it. Of course, you are welcome to disable it by going into your settings and disabling the OpenDNS proxy. That's it. Do that and we don't ever see the request. Pretty easy. End of story.

    David Ulevitch
    Founder, OpenDNS

    --

    # Hack the planet, it's important.