| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 79550 | 2007-05-23 13:32:00 | Open Source DNS servers? | Apteryx (294) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 552555 | 2007-05-23 13:32:00 | I am very taken with an article by Preston Gralla on ComputerworldUS:"Hack DNS for lightning-fast Web browsing:Here are no-cost ways to fine-tune DNS for faster browsing" queries: Does anyone do this? is it effective? Is it legal? Would I lose my ISP security? does it have built in security? any ideas? Thanks |
Apteryx (294) | ||
| 552556 | 2007-05-23 19:37:00 | The fact that it says "hack DNS" would make it illegal, otherwise every idiot in town would be doing it.:rolleyes: duh! | winmacguy (3367) | ||
| 552557 | 2007-05-23 23:51:00 | There doesn't look like any reason why you couldn't try it out after looking at their site (http://www.opendns.com). However, note that their servers are all in the US or London, so I don't know that there would be much of an advantage for us in NZ, as I presume that ISP's here cache DNS entries locally for all of their clients anyway. OpenDNS would have to rely on a reasonable installed base in order to maximise its chance of a cache hit for a new DNS request, as it would rely on prior DNS requests from people using their service to get the entries cached. Also I'm not sure what to make of their auto-correction filters (e.g translating "google.cmo" into "google.com" if there isn't a "google.cmo" entry). This is a technique used by disreputable scumbags to mount phishing attacks - for instance you [mis]type www.mybank.cmo & get redirected [thanks to some lowlife who's registered that domain name] to a phishing site that looks like www.mybank.com). It seems that OpenDNS is trying to stomp out all that, but I do wonder how they fund their operation... (or am I being too cynical?) How do they decide what's a mis-spelling & what is a valid address? Do you really know where your custom DNS redirection is going? I'm sure that various internet marketing companies would kill for getting a peek into OpenDNS's cache data... The other method noted in the article, modifying the system HOSTS file, is an old, but effective, technique - just has the disadvantage of having to keep the entries up to date. It works great for blocking advertising sites - there's public lists around which redirect ad-hosting sites to an invalid address (similar & faster than AdBlock for Firefox, but again with the proviso that you have to keep on top of the list). |
MushHead (10626) | ||
| 552558 | 2007-05-23 23:55:00 | There is a DNS server located at Palmy Uni although it would probably be more sense robbing a bank (and getting caught) than hacking into a DNS server "just because it is there" | winmacguy (3367) | ||
| 552559 | 2007-05-24 00:09:00 | The majority of DNS servers on the internet use BIND, an open source, free server. See www.isc.org for this. Running your own DNS server will be unlikely to provide many benefits for a home user, though it's a perfectly normal thing for a company of a decent size. You should only do this if you know what you're doing. |
TGoddard (7263) | ||
| 552560 | 2007-05-24 01:58:00 | Thanks everyone, very helpful and much to ponder. Ill give it a miss for now. | Apteryx (294) | ||
| 552561 | 2007-05-24 04:55:00 | could you even have ".cmo" considering that its not a recognized suffix or is it? | beeswax34 (63) | ||
| 552562 | 2007-05-24 05:41:00 | It is quite practical for you to run your own DNS server. There's no "cracking" involved. Your DNS server will give an immediate answer to any request it "knows" the answer to, any others it will recursively call the public servers until it gets an answer. After a while, you will have a fast response for all the sites you often call. Your browser does cache your DNS requests, though its list might be lost each time you close it. Your ISP's DNS server is caching the requests it resolves, too. And it's doing it from a larger base of requests. There's not much point (except self-education -- always worthwhile) to doing this yourself. Is your time so valuable that a few milliseconds each time you access a new site matters? How long will it take for you to regain the time you would spend installing your own DNS server, and getting it tio work correctly? |
Graham L (2) | ||
| 552563 | 2007-05-24 08:45:00 | How long will it take for you to regain the time you would spend installing your own DNS server, and getting it tio work correctly? I already run my own DNS server. It is called the hosts file. Being on dialup it has made quite a difference to me. |
mikebartnz (21) | ||
| 552564 | 2007-05-24 08:51:00 | The hosts file isn't a DNS server. It's a hosts file. In fact that was all there was in the early days of the Internet. There was a file, called "hosts", maintained manually, containing a list of all the hosts, and their IP addresses. Each host had to have an uptodate copy. There weren't many hosts then. (1, 2, ...). After a while a better, manageable, way was needed, and the hierachical DNS was developed. There's normally a sequence followed when an address resolution is needed: Is it cached? If so, use the cached vIP address. If not, is it on the hosts file? If so, use that. If not, ask the DNS server. So any sites being revisited will usually be in the cache. If they are (manually) put in the hosts file, they will be found quickly. Only if necessary is the external call to DNS is needed. |
Graham L (2) | ||
| 1 2 | |||||