[sclug] Odd behaviour from OpenDNS?
Darren Davison
darren at davisononline.org
Fri Jul 20 17:04:45 UTC 2012
On 20/07/12 16:39, Tom Gamble wrote:
> Hi,
>
> I've not really looked in to OpenDNS. I don't use it but was using a host that uses OpenDNS servers.
>
> If you are using OpenDNS then doing an nslookup for an no existent host returns a valid IP address.
>
> Example:-
>
> $ nslookup zzpluralalpha.co.uk
> Server: 208.67.222.222
> Address: 208.67.222.222#53
>
> Non-authoritative answer:
> Name: zzpluralalpha.co.uk
> Address: 67.215.65.132
>
>
> If I use the google nameserver I get
>
> $ nslookup zzpluralalpha.co.uk. 8.8.8.8
> Server: 8.8.8.8
> Address: 8.8.8.8#53
>
> ** server can't find zzpluralalpha.co.uk.: NXDOMAIN
>
>
> What is the general consensus on OpenDNS?
darren at hepburn ~ $ dig -x 67.215.65.132
...blah...
;; ANSWER SECTION:
132.65.215.67.in-addr.arpa. 602861 IN PTR hit-nxdomain.opendns.com.
They do this, I think, so they can put up a friendly web page telling
you what went wrong. Not helpful perhaps if you weren't using a browser
and actually wanted the truth, but no different to using anything else
which overrides 'normal' DNS.
I use OpenDNS because it's a reasonable way to get a configurable amount
of content filtering for the family without me having to fiddle about
with software or maintain a multi-MB /etc/hosts . Should I need to
bypass that for anything (ahem) I can simply switch to a local proxy and
use tor.
That's the major use case for OpenDNS I guess. If you don't want their
version of the truth, use your ISP's servers or give up on privacy
completely and use Google's :)
D.
--
Darren Davison
Public Key: 0xE855B3EA
More information about the Sclug
mailing list