Comments on: OpenDNS – Keeping you safe day after day

By: Tony Bruguier

Tony Bruguier — Sun, 10 Aug 2008 00:59:47 +0000

I am a bit confused. Even with the latest patches, the vulnerability remains:
http://tech.slashdot.org/tech/08/08/09/123222.shtml

One can only mitigate the problem, since the issue is a problem in the specification of the DNS protocol itself. OpenDNS probably does not use BIND, but that doesn’t matter. Actually, you probably have a custom-made program.

I suspect you probably have a very large pipe, making you more vulnerable to poisoning. Could you expand on the protection measures that you have taken?

Tony

By: Vanvalkinburgh.org » Blog Archive » OpenDNS Blog » OpenDNS – Keeping you safe day after day

Sun, 27 Jul 2008 06:34:58 +0000

[…] OpenDNS Blog » OpenDNS – Keeping you safe day after day. […]

By: That Whole DNS “thing” » Solo Technology

That Whole DNS “thing” » Solo Technology — Sun, 27 Jul 2008 04:15:47 +0000

[…] far as the vulnerabilities go, they claim not to be vulnerable. Kaminsky and the testing app at his site seem to agree. Curious about your DNS provider? Try that […]

By: Just use OpenDNS at MasterMaq’s Blog

Just use OpenDNS at MasterMaq’s Blog — Fri, 25 Jul 2008 22:47:59 +0000

[…] the day it launched two years ago, and have used them on some machines ever since. Turns out that OpenDNS is one of the few that were unaffected by this flaw: I’m very proud to announce that we are one of the only DNS vendor / service […]

By: Zero Day mobile edition

Zero Day mobile edition — Fri, 25 Jul 2008 16:26:31 +0000

[…] July 8th, David Ulevitch at OpenDNS posted a statement that OpenDNS isn’t vulnerable : “I’m very proud to announce that we are one of the only DNS vendor / service providers […]

By: Internotes − OpenDNS Blog » OpenDNS – Keeping you safe day after day

Internotes − OpenDNS Blog » OpenDNS – Keeping you safe day after day — Wed, 23 Jul 2008 09:32:25 +0000

[…] OpenDNS Blog » OpenDNS – Keeping you safe day after day This entry was posted on Mercredi, juillet 23rd, 2008 at 11:04 and is filed under Citation. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed. […]

By: Killer Free Service That You’re Probably Not Using | It Does Compute

Killer Free Service That You’re Probably Not Using | It Does Compute — Wed, 23 Jul 2008 03:06:46 +0000

[…] Internet, Networking, Web Browsing Update: OpenDNS is not vulnerable to a DNS cache poisoning attack that was recently discovered. OpenDNS has written about the multi-vendor vulnerability on the OpenDNS blog. […]

By: Jeffrey S.

Jeffrey S. — Fri, 18 Jul 2008 10:12:45 +0000

You know what my computer just said after hearing about this news that OpenDNS was safe from any DNS-based attacks?

“PHEW!!!”

By: On the Internet, How Do You Know If You Are Talking to a Dog? | Disruptive Library Technology Jester

Wed, 16 Jul 2008 02:51:23 +0000

[…] of DNS cache poisoning. One such service is called OpenDNS, and they made quite a big point about not being vulnerable to this problem. At a very basic level, you use OpenDNS by setting your DNS servers to 208.67.222.222 and […]

By: (Yet Another) Mark

(Yet Another) Mark — Fri, 11 Jul 2008 18:56:51 +0000

Couldn’t an unpatched client (like the glibc resolver) still be vulnerable to IP spoofing of OpenDNS itself? It seems unlikely, I must admit, but isn’t just as likely since AFAICT the exploit would have required spoofing at some point in the chain of events?