Mayayana said:...
My understanding is that OpenDNS is just supposed to be an honest
operation, while an increasing number of ISPs are doing things like
showing an ad instead of a 404 page. If you use your ISP DNS that
also reports all of your destinations to them.
I've been using AcrylicDNS, which defaults to OpenDNS but can use any
service. AcrylicDNS is a proxy. It runs as a service.
I like it because it has its own HOSTS file that allows me to use
wildcards. For instance, I can block *.doubleclick.net. I don't have
to list all possible subdomains.
One caveat, though: AcrylicDNS is slightly buggy. Every few weeks the
service fails to start and I have to reinstall it. That only takes a
minute, but still...
Other options: If you don't care about privacy with your ISP you can
research other DNS servers. There are sites online that report the
speed of various servers.
My ISP (Comcast) also decided to provide this, um, "help" page on a DNS
failure; however, upon request (which you have to do via chat or phone
call, not as an online configurable option) you can have them disable it
for your account which I did.
Jon said:Interesting; when I had Comcast several years ago, I was able to just
enter a different IP to get regular (non "value added") DNS.
My current IP, Centurylink, also has this feature, so I just enter the
"standard" IP to get regular DNS.
Thanks to everyone for their input. My connection to eternal-sept hasMayayana said:| Wrong. OpenDNS also corrupts DNS by not reporting failures and instead
| redirects you to their "help" (ad/search) page.
|
I see you're right. That's odd, because it was directing
me to a blank page at something like websitedoesntexist.com
before, but now it's trying to send me to openDNS. I used
to use Level3, which doesn't hijack 404s, but I wondered about
tracking from them.
|
| > I've been using AcrylicDNS, which defaults to OpenDNS but can use any
| > service. AcrylicDNS is a proxy. It runs as a service.
|
|
| > I like it because it has its own HOSTS file that allows me to use
| > wildcards. For instance, I can block *.doubleclick.net. I don't have
| > to list all possible subdomains.
|
| So it is not a hosts file. A hosts file can only block on hostnames
| (host.domain.tld).
It is a HOSTS file, but it's not *the* HOSTS file. The way it
works is that AcrylicDNS acts as a proxy DNS server. One
sets the DNS IP to 127.0.0.1 and then Acrylic can be set to
use any DNS server one wants. It just defaults to OpenDNS.
The functionality of a HOSTS file works the same way, but
the Acrylic HOSTS file allows wildcards.
| > One caveat, though: AcrylicDNS is slightly buggy. Every few weeks the
| > service fails to start and I have to reinstall it. That only takes a
| > minute, but still...
|
| Don't you have your TCP/IP setup regarding DNS specify multiple DNS
| servers? If one cannot be reached then the next gets used. Or are you
| stuck with all DNS requests going through the Acrylic service?
|
Explained above.
JAS said:Thanks to everyone for their input. My connection to eternal-sept has
been unavailable but is now back.
I may give it a try but now I understand it more. I know that when I
first tried to use it it disabled my Spyware Blaster,I think.
I had installed their update service. I uninstalled and went back to
my ISP's DNS.
Thanks for the explanation, it has cleared up alot for me.VanguardLH said:ES has been having server problems. One died so he moved to another.
He has had problems working with his webhoster, too. You can see his
report in a reply he made to the "Thank you, Ray" thread in the
eternal-september.support newsgroup.
Over the last couple of weeks, ES has had about 4 outages (that I've
experience so there may be more). Often they are corrected in a 4-6
hours but sometimes much longer (because, I'm sure, he has a life
outside of Usenet and needs to sleep, too). He also has problems
keeping his web site up or responsive. In the past, ES has had outages
and they seem to come in bunches. I decided I wasn't going to wait this
time and get hit by more outages so I moved back to Albasani.
You don't need to install anything to use OpenDNS, Comodo DNS, Norton
DNS, Google DNS, or any public DNS service. You just configure your
TCP/IP in your OS to point at their DNS server instead of get whatever
one your ISP's DHCP server assigns to you. No software is involved.
There is no way that just using their DNS server caused any problem with
SpywareBlaster or other software on your host.
You only need to install their DNS updater client (or another that lets
you specify OpenDNS) if you want to eliminate them redirecting you to
their ad/search "helper" page on what would normally be a DNS lookup
failure. Because they redirect to an existing and reachable page means
you don't get a DNS fail but instead a DNS success. If you use their
DNS service (no client needed) then you get blessed with their redirect
to helper page on DNS fails.
Only if you want to create an account with OpenDNS to make use of its
configuration options do you need either their DNS updater client
(because you are assigned a dynamic IP address by your ISP) or you have
a static IP address (from your ISP) so you only have to specify it once
in your OpenDNS account. They need to know what is your current IP
address so they can associate your account's settings with a current
connection to their DNS server; else, they have no way to know which
settings to apply to your connection to them.
By either using their DNS updater client (that will notify them what is
your current IP address) or telling them what is your static IP address,
they can apply the settings in your account, like domain blocking in
your own list (up to 50 in a free account), what categories of web sites
you want to block, and who is mentioned in the block page sent to you or
your family as a contact regarding the block (i.e., you can identify
yourself and contact info if someone wants to request a change in
category or URL blocking). Of course, if you're going to use OpenDNS
for blocking categories of sites to protect your family then you need to
configure your router to use OpenDNS and not your PCs (since the kids or
anyone with physical access to the PCs can change their TCP/IP config).
If you have an account at OpenDNS and use their updater client (or
specify a static IP address), you can disable the redirect "helper" page
they show on what should've been a DNS fail. Alas, they disable other
features to punish you if you disable their redirection on DNS fail.
This is for their free account. I've never had a paid account to know
if they allow disabling DNS fail redirection while retaining use of all
the other features.
So you can use OpenDNS just like you can use Google DNS, Comodo DNS,
Norton DNS, UltraDNS, and other DNS providers that have public DNS
servers: just configure your TCP/IP settings to use their DNS server(s).
I specify their primary DNS server as my primary but specify my ISP as
my secondary for fallback. You don't need any software to do it that
way. You get whatever default features that DNS provider decides to
include in their service, like redirection to a helper page on what
would've been a DNS fail. Google DNS doesn't have redirection (didn't
have it before they used DNSSEC and can't have it after employing
DNSSEC). If your ISP has also moved to DNSSEC then they can't employ
redirection, either. With OpenDNS, and if you want their other features
(block by category, block by URL string you specify, etc) only then do
you need an account at OpenDNS along with installing their updater
client.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.