Open DNS program advice please?

I was browsing on BleepingComputer.com and came across a post on PC security which interested me because it was more or less what I had installed myself: CIS v3.9, SpywareBlaster, and using SAS and MBAM as on-demand scanners. It also recommended two programs I didn’t have. One is called Web of Trust, a Firefox add-on which I have now installed. The second one, and the one this post is about, is called Open DNS. Would this program conflict with Comodo? Will it run from installation, or would I have to apply a specific rule? Hope someone can advise, thanks.
http://www.opendns.com/

Open DNS simply allows you to switch your ISP’s DNS servers for their own. They offer, if I remember, certain types of filtering, which, if you have kids, would stop them from getting to certain types of sites…

I tried it some time ago, found it slower at look-ups so left it. Try it…

Thanks Toggie,
No kids on this PC so I will just leave as is.

I’ve been using OpenDNS for over a year and love it. I don’t use it for the filtering though. It does speed up my browsing.

One nice thing about using it popped up with the conficker threat. Even without using the site filtering options, they wouldn’t allow you to connect to known servers spreading conficker.

Speeds up my browsing too. I only have it filter known advertising/malware sites

To compare the speed of OpenDNS to your ISP, open a Command Prompt window and type:

ping -t 208.67.222.222
Let it go for 10 lines or so, and then press Ctrl-C. This will give the min, max and average round trip time for OpenDNS.
Optionally repeat for the other IP of OpenDNS: 208.67.220.220
Repeat for the IPs of your ISP’s DNS server.

With my ISP, I get an average of 19ms, compared to 25ms for OpenDNS (a few minutes ago). When I tried this test a few months ago, I got maybe 2 timeouts in the trial of 10 from OpenDNS. Haven’t seen any timeouts with my ISP.
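The ping test above measures ICMP round trips, not DNS lookups. As an added example (not code from anyone in this thread), the script below sends real DNS queries over UDP port 53 to each resolver, times each round trip, and reports min, max, average and the number of failed lookups, which is the figure that actually matters for browsing. The OpenDNS addresses are the ones given in the thread; the ISP entry is a placeholder you replace with the addresses your own ISP hands out (the `DNS Servers` lines from `ipconfig /all`). The query name is an assumption; any name you resolve often will do.

```python
import random
import socket
import struct
import time

# Resolver addresses named in the thread; the ISP entry is a placeholder
# to replace with the IPs your own ISP assigns (see ipconfig /all).
RESOLVERS = {
    "OpenDNS 1": "208.67.222.222",
    "OpenDNS 2": "208.67.220.220",
    "ISP (placeholder)": "192.0.2.53",
}


def build_query(name, txid):
    """Build a minimal DNS A-record query for `name` with transaction id `txid`."""
    # Header: id, flags (only RD set), QDCOUNT=1, ANCOUNT/NSCOUNT/ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.strip(".").split(".")
    )
    # Root label terminator, then QTYPE=1 (A) and QCLASS=1 (IN)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_response(data, txid):
    """Return (rcode, answer_count); raise ValueError if the reply is not ours."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch (stray reply)")
    if not flags & 0x8000:
        raise ValueError("QR bit not set: not a response")
    return flags & 0x000F, an


def summarize(rtts_ms, failures):
    """min/max/avg in ms over successful lookups, plus the failure count."""
    if not rtts_ms:
        return {"min": None, "max": None, "avg": None, "failures": failures}
    return {
        "min": min(rtts_ms),
        "max": max(rtts_ms),
        "avg": sum(rtts_ms) / len(rtts_ms),
        "failures": failures,
    }


def measure(server, name="www.example.com", count=10, timeout=2.0):
    """Send `count` queries to `server` and time each round trip."""
    rtts, failures = [], 0
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        for _ in range(count):
            txid = random.randint(0, 0xFFFF)
            start = time.perf_counter()
            sock.sendto(build_query(name, txid), (server, 53))
            try:
                data, _addr = sock.recvfrom(512)
                parse_response(data, txid)
            except (socket.timeout, ValueError):
                # A timeout or a reply that is not ours both count as a failed lookup
                failures += 1
                continue
            rtts.append((time.perf_counter() - start) * 1000)
    return summarize(rtts, failures)


if __name__ == "__main__":
    for label, ip in RESOLVERS.items():
        print(label, ip, measure(ip))
```

Run it a few times at different hours; like the ping test, a single run only tells you about that moment. A resolver that answers a few ms slower but never times out is the better choice, which is why failures are reported alongside the averages.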

All of this depends on your ISP and what type of service you pay for. I’m in Brazil where in general the ISP’s own DNS servers are unsafe. I use USB broadband and my browsing speed is quicker. A few ms speed differential though is totally unimportant when compared to the security benefits of using OpenDNS.
I always recommend my own customers to switch to this BEFORE they start choosing their security software.

OpenDNS of course is not a program which installs stuff on your computer. It’s a simple matter of registering online then editing the server numbers into your network settings and/or firewall configs.

I decided to try this and discovered I have no clue what the DNS server IPs are with my ISP! 88)

The ‘stock’ (default settings before switching to OpenDNS) DNS setup has the same IP as my default gateway. So of course, pinging my default gateway is less than 1ms.

Anybody have any idea how to find out what DNS server IPs are actually being used in a case like this? I tried crawling my ISP’s support site (Qwest DSL) to try and find out what they were, but all the setup information I could find for my modem/router shows the setup with the DNS server mirroring the default gateway address.

ipconfig /all isn’t useful as it confirms what the default router setup shows.

Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1

So I’m extremely confused… ???

Hi heff, try going into the router (192.168.0.1 in the address bar) and there should be some DNS info there. Like below

[attachment deleted by admin]

Thanks Matty_R, I had already looked at all that and the DNS setting returned was also the same as my default gateway.

It got me experimenting a bit more though, and instead of using the default settings which had the DNS (with the same IP as the gateway) set to ‘static’, I changed this to ‘dynamic’ and the DNS IPs were populated with the actual server IPs.

So anyway, I pinged them and the OpenDNS servers and OpenDNS is currently an average of 8ms faster than my ISP. Which tells me that although I was perceiving OpenDNS as being quicker, it was likely more wishful thinking rather than actual perception because 8ms is too narrow of a margin to notice a difference. Of course, the day I made that judgment call, the difference may have been greater.

Tried OpenDNS for a while, then happened across TreeWalk DNS. It uses a DNS server on your PC, so no reliance on any other server (the address is 127.0.0.1) and the cache can be flushed if it gets poisoned or one has been to ‘naughty’ sites. Ping=0; a ‘real’ ping might be a tad longer.

One way to find out the DNS IP that you use is to add a Firewall rule for svchost.exe to block and log UDP out from any IP to any IP where source port is any and destination port is 53 (DNS). Then look in the Firewall events to see all of your active DNS IPs.

I put Firewall rules for svchost.exe that allow UDP out to port 53 to the DNS servers for my ISP and OpenDNS. The last rule for svchost.exe is to block and log other requests. This has the effect of blocking DNS requests to other/spoofed DNS servers.

By setting my PCs to automatically get the DNS addresses (using DHCP), I need only change the DNS addresses in my router’s DHCP server to control which DNS addresses are used by all of my PCs. Since my PCs have firewall rules to allow DNS to OpenDNS and my ISP, I don’t have to change anything on each PC to change DNS servers (but still need to reboot).

My PCs also automatically get their IP using DHCP. With all PC settings being dynamic, I can directly connect one of my PCs to the cable modem if I question whether the router is blocking internet traffic or degrading speed (mine failed a few months ago) or if the cable service tech doesn’t believe there is a problem on their side until doing this test.

Another advantage of using a dynamic IP and DNS is that it is easier to tell if malware has changed the internet settings. BOClean did this, but its documentation said it only worked if IP and DNS were dynamic. Too bad CIS doesn’t carry forward this security check. But maybe I don’t need it because of my Firewall rules.
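The "block and log UDP out to port 53, then read the events" trick above is easy to automate. The script below is an added example, not anything posted in this thread or shipped with Comodo: it parses firewall event lines, counts which resolvers svchost.exe actually talks to, and flags any that are not on your allow-list, which is the same check the poster's rule ordering performs by hand. The log line layout and the sample events are constructed for this example (Comodo's real event export looks different, so `EVENT_RE` has to be adapted to it); the allow-list holds the two OpenDNS addresses from the thread and the 192.168.0.1 router address that appeared earlier.

```python
import re
from collections import Counter

# Constructed event layout for this example; NOT Comodo's real log format.
# Adapt this pattern to whatever your firewall actually writes.
EVENT_RE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+) (?P<app>\S+) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) (?P<action>\w+)$"
)

# Constructed sample of what a "block and log UDP out to port 53" rule might record.
SAMPLE_LOG = [
    "2009-06-12 10:15:01 svchost.exe UDP 192.168.0.10:52113 -> 208.67.222.222:53 Blocked",
    "2009-06-12 10:15:01 svchost.exe UDP 192.168.0.10:52114 -> 208.67.220.220:53 Blocked",
    "2009-06-12 10:15:07 svchost.exe UDP 192.168.0.10:52115 -> 192.168.0.1:53 Blocked",
    "2009-06-12 10:15:09 svchost.exe UDP 192.168.0.10:123 -> 192.168.0.1:123 Allowed",
    "2009-06-12 10:16:30 firefox.exe TCP 192.168.0.10:49210 -> 208.67.222.222:80 Allowed",
    "2009-06-12 10:17:02 svchost.exe UDP 192.168.0.10:52116 -> 203.0.113.9:53 Blocked",
    "2009-06-12 10:17:02 svchost.exe UDP 192.168.0.10:52117 -> 208.67.222.222:53 Blocked",
    "this line is not an event and is skipped",
]

# Resolvers you have decided to trust: OpenDNS (from the thread) and the router.
ALLOWED_DNS = {"208.67.222.222", "208.67.220.220", "192.168.0.1"}


def parse_event(line):
    """Parse one event line into a dict, or return None for lines that do not match."""
    m = EVENT_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["sport"] = int(ev["sport"])
    ev["dport"] = int(ev["dport"])
    return ev


def dns_destinations(lines, app="svchost.exe"):
    """Count outbound UDP/53 destinations for `app`: the resolvers actually in use."""
    counts = Counter()
    for line in lines:
        ev = parse_event(line)
        if ev and ev["app"] == app and ev["proto"] == "UDP" and ev["dport"] == 53:
            counts[ev["dst"]] += 1
    return counts


def unexpected_dns(lines, allowed=ALLOWED_DNS, app="svchost.exe"):
    """Resolvers contacted that are not on the allow-list; a changed DNS setting shows up here."""
    return {ip: n for ip, n in dns_destinations(lines, app).items() if ip not in allowed}


if __name__ == "__main__":
    for ip, n in dns_destinations(SAMPLE_LOG).most_common():
        print(f"{ip:16} {n} queries")
    print("unexpected:", unexpected_dns(SAMPLE_LOG))
```

Run against a real export, the first list is the answer to heff's question ("which DNS servers am I actually using?"), and a non-empty `unexpected` result is the same signal the poster gets from the final block-and-log rule: something on the PC is resolving names through a server you did not choose.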