Chris Louden wrote: > I find it interesting that so many of you use the DNS provided by your > ISP. I bet many are not even patched for the latest vulnerabilies. > > I would think at the very least tech savvy people would be using high > level DNS servers like 4.2.2.2 & 4.2.2.1. > > Best case senario would be using something like OpenDNS 208.67.222.222 > and 208.67.220.220.
I have used opendns (temporarily) to check/fix my RR problems several times, but I haven't changed my gateway -- I guess there's a little of "if they're supposed to give me dns, I'm not going to let them out of it" mentality[*] in me. What's the story behind sys.gtei.net (4.2.2.[1-6])? Do they do this as a public service, or is there a business purpose? At least their address is easier to memorize than opendns. :-) OpenDNS has a webpage describing some pay services, and I see they also return, for bogus names, an answer with authority=0 which, I suppose is a little like an ad. I've wondered if that has any downside. I suppose resolvers should always check authority, eh? [* same reason I drink tap water, I guess] Regards, ..jim -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
