Exactly my thoughts...
Cheers,
Alex Stanford
http://alexstanford.com
http://linkedin.com/in/alexstanford
Chad Bailey wrote:
Unless Google has said that they are not using their DNS queries to
their advantage, I would expect they are. Google isn't a
not-for-profit organization, and data mining is their business.
On Fri, Feb 17, 2012 at 5:59 PM, Michael Potts<[email protected]> wrote:
The only concern that I have heard is regarding privacy. It is
theoretically possible that Google could be using aggregate DNS resolving
data to do fun things, including (possibly) associating your Google Account
via IP to the queries they are resolving and possibly using the queries to
boost their data about sites (possibly finding new sites tto index.
Mostly unfounded and total nearest, but its Google, so who knows.
And as far as having queries, if it were possible to stamp out bad sites by
making them not accessible via DNS, I am for it. Note that my definition of
bad is malware and not pirate sites and whatnot.
I really like OpenDNS because they let me block that crap from my customers
(and my parents) with ease.
-Michael Potts
GV: (904) 638-2914
On Feb 17, 2012 9:20 AM, "Dan Bidleman"<[email protected]> wrote:
I dont particularly want my dns resolutions 'changed for my
protection'. Its good to hear that google doesn't do that.
On Thu, Feb 16, 2012 at 11:44 AM, inkrypto<[email protected]> wrote:
Comodo was hacked though and are probably more secure now but after that
diginotar bs I can't bring myself to use them . . .
On Thu, Feb 16, 2012 at 11:40 AM, Michael Potts<[email protected]>
wrote:
Both Comodo SecureDNS and OpenDNS will intentionally change responses to
protect you. If you attempt to resolve a known-bad domain, the DNS
server
will intentionally respond with a bad bit of data (to redirect you to a
"You have been blocked for your protection" page)
Google DNS (8.8.8.8 and 8.8.4.4) is a speedy mirror of the root DNS
servers and they have said that they do not adjust the responses in any
way
(so they are not protecting you. Normally ideal for a server network
that
needs to have valid responses 100% of the time.
Michael Potts
GV: (904) 638-2914 | Gtalk: [email protected]
@HMHackMaster | http://about.me/MichaelPotts
On Tue, Feb 14, 2012 at 8:10 AM, Alex Stanford<[email protected]
wrote:
Certainly OpenDNS is one of the best options.
I have been running an entire LAN through Comodo SecureDNS (
http://www.comodo.com/secure-**dns/<http://www.comodo.com/secure-dns/>)
for about a year and have never experienced any issues at all.
I've also heard good things about using the DNS root servers
4.2.2.(1-6)
from another JaxLUG member. But, I've read that Level3 is trying to
discourage the use of the 4.2.2.x DNS servers by the general public.
Cheers,
Alex Stanford
http://alexstanford.com
http://www.linkedin.com/in/**alexstanford<
http://www.linkedin.com/in/alexstanford>
inkrypto wrote:
What external DNS do you use? I use comcast, my ISP's, and run a lil
webserver but don't want to get spoofed and don't know enough about
bind
to
harden it so . . .
OpenDNS?
------------------------------**------------------------------**---------
Archive http://marc.info/?l=jaxlug-**list&r=1&w=2<
http://marc.info/?l=jaxlug-list&r=1&w=2>
RSS Feed
http://www.mail-archive.com/**[email protected]/maillist.xml<
http://www.mail-archive.com/[email protected]/maillist.xml>
Unsubscribe [email protected]
---------------------------------------------------------------------
Archive http://marc.info/?l=jaxlug-list&r=1&w=2
RSS Feed http://www.mail-archive.com/[email protected]/maillist.xml
Unsubscribe [email protected]
