Here at OpenDNS we’ve spent the past several months working to keep you safe from the Conficker worm. Using the OpenDNS service is widely considered to be one of the easiest and most guaranteed ways to protect your network. And today we roll out a free Conficker detection tool to give you actionable insight into whether or not you have Conficker on your network.

As David mentioned here, we’re in a unique position as your DNS provider of choice to block the worm at the DNS level and prevent it from phoning home. We’re also in a unique position to tell you, based on DNS queries coming from your account, if your network has been infected with Conficker. Log into your OpenDNS account now and you’ll see a banner indicating you either have Conficker or you don’t. This is a tremendously valuable service, and representative of a key innovation on the DNS. If you have friends or colleagues not using OpenDNS yet, we urge you to recommend the service.

Even though we prevent the worm from phoning home, we advise everyone with Conficker to run the disinfection tool. Microsoft offers a great one here.

Also today we’re sharing data about geographic distribution of the worm’s C-varient to date. This information is based on OpenDNS data alone, so is not necessarily representative of overall geographic Conficker distribution.

We’ll continue blocking Conficker for all of our users, through our on-by-default Botnet Protection feature. And we’ll keep you posted with updates about the virus, if/when we have them, on this blog.

By now you’ve likely heard the speculation that April 1, April Fools Day, is the date Conficker kicks into action. And unfortunately this isn’t a joke. The virus, also known as Downadup, leverages a known vulnerability in the Windows OS and has the potential to do some serious damage. Some estimates for number of machines infected so far are as high as 15 million. The Internet is abuzz with news about the virus and predictions about what it will do.

As your DNS provider of choice, we’re in a unique and advantageous position to help keep our users safe. OpenDNS has kept our users safe from Conficker for the past several months by blocking the domains it uses to phone home. (We’ve seen lots of you start using our service to protect your networks from the worm.)

The latest variant of Conficker is now churning through 50,000 domains per day in an attempt to thwart blocking attempts. Consider this: at any given time we have filters that hold well over 1,000,000 domains (when you combine our phishing and domain tagging filters). 50,000 domains a day isn’t going to rock the boat.

So here’s our update: OpenDNS will continue to identify the domains, all 50,000, and block them from resolving for all OpenDNS users. This means even if the virus has penetrated machines on your network, its rendered useless because it cannot connect back to the botnet. If you want to disinfect your computer we recommend you check out the tools from our friends over at Kaspersky Lab.

If you’re already using OpenDNS, you’re all set. We’re protecting you automatically. If you’re not yet, simply set up a free account here and secure your network.