Sagacious Himself — brevity in circumlocution: never blague — suffering genius

October 23, 2009

OpenDNS Deluxe needs more features and lower cost to justify purchase espcecially in light of TreeWalk DNS — should include power wildcards and RADIUS

Filed under: CIO,DARPA,overview,security,social engineering,Tagtastic — Sagacious Himself @ 11:22 am
Tags: ,

Paid versions of OpenDNS? Hmm OpenDNS is but one of your alternatives to your ISP poorly performing resolvers.  Is the Deluxe version of OpenDNS worth the investment of the home user (parents)?

No.

OpenDNS ought offer hosted RADIUS as part of that price especially as their primary audience has always been home users — WPA2-PSK AES is NOT sufficient anymore.  Hosted RADIUS is not currently priced for home use but there is a ‘vast’ untapped market of people who do not realize their need yet;  Those aware of the need are extremely unlikely either to buy a dedicated hardware appliance or build their own RADIUS server.

OpenDNS “Deluxe” as “free without ads and a smidge more” [not a quote] is not featured enough to justify $10 annually.  While increased space in blacklisting is tempting, and while whitelisting-only has certain parental applications (albeit in a complex bordering on chaotic implementation challenge),

For $10 or preferably less annually OpenDNS ought apply a few changes in offerings to home users:

OpenDNS free ought offer more blacklisting space and use expanded whitelisting as an upsell. — (crippling (porn) sites a far more effective deterrent than outright blocking and requires a much larger blacklist than 50 hosts)

OpenDNS deluxe ought offer FINE GRAIN control over the NXDOMAIN intercept page.  OpenDNS ought not use the NXDOMAIN intercept page in a deluxe of better panel as an upsell avenue nor should there be evidence of OpenDNS branding.

OpenDNS ought recognize the vast hoards in broken marriages and mixed families: one account six houses type scenario.

OpenDNS ought recognize some ultra broadband residential customers (fios) have multiple public IP addresses: a one house scenario.

OpenDNS deluxe ought offer wildcard support in white- and blacklisting.  Wildcards as prefix and suffix (por*.rain.tld / *tube.tld), wildcards in the middle of FDQN (cdn.*tube.tld / cdn*.*.*tube.tld), and single character wildcard “?”.

OpenDNS deluxe ought offer a wiki for home gateway configuration (filters or rules) to seize resolution requests

OpenDNS free is not suffient for most residential user (parental) needs, and OpenDNS does not add enough value to justify expenditure given TreeWalk DNS, OpenDNS alternative, is readily available without invoking irrational fear by uttering ‘bind’.  TreeWallk DNS (for windows) is free, easy enough to setup, and offers the home user (or parent) orders of magnitude more power and features (ConFetch).

I would have kept TreeWalk “to myself” but I hope to modify the OpenDNS deluxe  feature offering while reducing the annual cost for (complex) residential users. TreeWalk currently maintained by Zenobi.

“TreeWalk is a “free personal use”, automatically installed DNS name-caching only server which is similar to, but more efficient than using your default ISP’s DNS servers. A lookup only, non-persistent caching version called BIND-LE for Windows 95/98/ME/[2000/XP/2003] is also available from our Downloads page” [[If you’re using Windows7 (aka vista) you’re SOL twofold. Enjoy the sweet suffering you masochist.]]

I do NOT advocate switching to google’s “free” DNS;  all the “free” services from google are merely a methods for facilitating your (blissfully ignorant) quiet surrender of  yourself via packetization.  Google is not a philanthropic group; google is a giant relational database mining enterprise that also runs an ad deployment platform.  Participation in google projects is PURE FOLLY.

edit: see also Pirate bay P2P DNS, dot-p2p

[ Himself.wordpress.com ]

June 20, 2009

less opendns

Filed under: bookmarkified — Sagacious Himself @ 12:02 pm
Tags:

10.10.10.10     which.opendns.com
10.10.10.10     open.opendns.com
10.10.10.10     guide.opendns.com
10.10.10.10     block.opendns.com

edit: see also Pirate bay P2P DNS, dot-p2p

[ Himself.wordpress.com ]

May 23, 2009

aaron: open DNS resolvers

Filed under: bookmarkified,DARPA — Sagacious Himself @ 7:49 pm
Tags:

open DNS resolvers… mmmm poison
http://dns.measurement-factory.com/surveys/openresolvers.html

[bookmarkified]

edit: see also Pirate bay P2P DNS, dot-p2p

[ Himself.wordpress.com ]

December 7, 2008

openDNS alternative DNSresolvers.com by easyDNS

Filed under: CIO — Sagacious Himself @ 12:19 pm
Tags:

http://easydns.com/status.php3

easyDNS launches DNSResolvers.com: no frills, pure DNS lookups – fully patched

Some of our members have expressed reservations around using any DNS resolver that “alters” the traffic in any way, including typos and non-existent domains. Which is good news for us, because we’ve done this so fast we haven’t had time to build anything like that even if we wanted to. What we did want to do is provide a couple of DNS resolvers for use by our members (or anybody else) who just want to know they’re using a system run by people who are actively following this situation and are proactively keeping their own resolvers and caching nameservers as secure as the protocol allows.

With this in mind we’ve turned up DNSresolvers.com today. No website, no user interface, at the moment it’s just a couple of resolvers with the latest security patches in place and that will continue to do so, open to use by anybody who wants. We have no idea where this will go, and it’s not really an official easyDNS “service” per se. But we wanted to do something to give our members options.

If you want to use DNSresolvers.com, the details are as follows:


cache1.dnsresolvers.com -> 205.210.42.205
cache2.dnsresolvers.com -> 64.68.200.200

.

openDNS alternative DNSresolvers.com

edit:another free alternative by easyDNS competition, UltraDNS

dnsadvantage.com

156.154.70.1
156.154.71.1

.

or roll your own, too

.

edit: see also Pirate bay P2P DNS, dot-p2p

[ Himself.wordpress.com ]

Blog at WordPress.com.