Podemos optimizar e tornar mais segura a navegação na internet com um DNS alternativo e grátis. Para tal basta que mudemos o DNS nos nossos PC's para os DNS's fornecidos pelo OpenDNS.

Ler o post completo.

I really like things I can count on. Looks like OpenDNS is one of them.

Por eso desde hace algún tiempo vengo usando OpenDNS que tan solo quiere un cambio en la configuración para usarlo (también se vale instalar un DNS Local). Lo útil de OpenDNS es verificar que registros del DNS apunten a donde debe ser y si no son los correctos, puedes eliminar el cache que ellos tengan. También sirve para averiguar cuanto tardan esos hostings de menos de $10 al mes en hacer un cambio en sus DNS's.

Pero aún OpenDNS puede quedarse corto cuando andas mudando un sitio, por ejemplo, cuando la aplicación revisa las peticiones hechas al servidor y si el HOST/Dominio no coincide con la configuración hace la redirección. Entonces si quieres verificar que el nuevo servidor al que te estas mudando funciona bien, pero sin modificar los DNS aún, es cuando el viejo archivo Hosts puede servir.

Todo es de modificar el archivo Hosts (su ubicación depende de que use uno) y agregar una nueva linea usando la nueva IP del servidor:

255.255.255.255       nombre.de.dominio

Con esto estarás viendo el nuevo servidor como si el cambio en los DNS ya estuviera hecho. También me ha pasado que tengo que hacer algún cambio en el viejo servidor y los DNSs ya fueron modificados, porque todavía hay gente a la que sus DNS no actualizan, entonces edito el Hosts usando la IP anterior y voy de regreso al servidor viejo. Lo que uno termina haciendo por culpa de los ISPs :P

Por cierto, el archivo Hosts también sirve para bloquear la publicidad ;)

Bagi pengguna Mozilla Firefox anda dapat mengetikkan "about:config" pada address bar,. setelah itu ubah "network.http.pipelining" dan "network.http.proxy pipelining" menjadi "true", serta isi "network.http.pipelining.maxrequests" antara 30 –100 ( semakin besar semakin cepat ). Yang terakhir klik kanan dimana saja dan pilih New->Integer , tuliskan "nglayout.initialpaint.delay" lalu isi dengan 0.
Untuk trik kedua, pertama anda harus mendaftar di www.openDNS.com . Setelah itu masuk ke Control Panel dari start menu, pilih network connections lalu pilih koneksi anda dan klik tombol properties. Pada bagian Internet protokol anda bisa pilih TCP/IP dan klik properties. Masukkan angka 208.67.222.222 dan 208.67.220.220 pada opsi DNS dan restart komputer anda.
Setelah melakukan 2 tips di atas sekarang anda pasti akan mendapat kecepatan akses yang lebih kencang. Bagi yang masih belum puas dengan kecepatan aksesnya sekarang dapat menggunakan trik yang ke tiga yaitu Google Web Accelerator. Google Web Accelerator di desain khusus untuk mempercepat akses internet anda, khususnya anda yang menggunakan koneksi broadband (pita lebar) seperti Cable dan DSL. Untuk anda yang menggunakan koneksi lain seperti Dial-up (Telkomnet Instant atau Speedy) maupun satelit atau wave, Google Web Accelerator juga dapat mempercepat aksesnya.
Untuk memakai Google Web Accelerator anda harus memenuhi kriteria antara lain Operating System anda harus Windows XP atau Windows 2000 dan browser anda harus Internet Explorer 5.5+ atau Mozilla Firefox 1.0+. Kalau untuk browser lainnya sebenarnya juga bisa, tetapi anda harus meng-konfigurasi proxy settings dari browser anda dengan menambah 127.0.0.1:9100 pada HTTP. Setelah anda melakukan instalasi, Google Web Accelerator akan menampilkan icon kecil di atas browser anda dan icon tray di pojok bawah layar komputer. Anda dapat mengunduh Google Web Accelerator di sini.

Uma excelente ajuda é OpenDNS. Este é um serviço de DNS público, seguro e gratuíto. Não implica a instalação de qualquer programa. Apenas requer a configuração do Servidor DNS no computador ou router, se tiver uma rede doméstica.

O OpenDNS permite filtrar sites cujo conteúdo é perigoso ou não recomendado (pornografia, virus, violência, p2p, fishing, redes sociais, jogos a dinheiro...).

Simultaneamente, o OpenDNS dá-nos acesso às estatísticas de navegação do(s) computador(es) que utilizamos.

As funcionalidades do serviço podem ser amplamente configuradas, tornando a navegação mais permissiva ou restritiva, de acordo com as preferências.

A desvantagem maior é estar disponível apenas em Inglês, mas as instruções são amplamente ilustradas e fáceis de seguir.

OpenDNS - por uma Net mais segura!

Comentado!

A parte le battute, dopo un po' di letture in rete, e per esperienza diretta, posso dire che i Server Dns impostati automaticamente da Vodafone, sono spesso lentissimi o non 'risolvono', e sostituirli con altri, ad esempio con gli ottimi OpenDNS può essere risolutivo:

208.67.222.222
208.67.220.220

Che fa un server DNS?
In parole povere converte in numeri (IP) i nomi di dominio (URL).

Perchè c'è bisogno di questa conversione?
Perchè la Rete Internet comunica tramite gli indirizzi IP, ma essi per agevolare la memorizzazione umana (ma non solo per questo) vengono associati a nomi testuali (molto più semplice ricordarsi di www.wordpress.com che alle 4 terzine corrispondenti 72.232.101.43), che poi però han bisogno di essere riconvertiti in numeri e così via:)

https://www.opendns.com

Gerekenler bu adreste....

[googlevideo=http://video.google.com/videoplay?docid=-8260069796878992303&hl=it]

OpenDNS:

208.67.222.222
208.67.220.220

torpack - white-rabbit

Inseri os DNS no arquivo resolv.conf:
# echo "nameserver 208.67.222.222" >> /etc/resolv.conf
# echo "nameserver 208.67.220.220" >> /etc/resolv.conf

Quando se utiliza DHCP, este arquivo (resolv.conf) apaga todas as informações que nós adicionamos sempre que reconectamos, então fiz o seguinte:

# echo "prepend domain-name-servers 208.67.222.222,208.67.220.220;" >> /etc/dhcp3/dhclient.conf
# ifconfig eth0 down && ifconfig eth0 up

Bom, o que fiz acima é "forçar" (literalmente seria tendenciar) que os endereços DNS que adicionamos fiquem no topo da lista da lista para serem usados. Logo depois reiniciei a placa de rede (No exemplo  meu caso foi reiniciada a eth0, mas você deve reinciar a placa de rede que esta sendo usada na sua maquina).

E pronto ;)

Espero que tenha ajudado vocês.

I realize that there are also a lot of other troubles with certain accounts working. Once I can rebuild my script to test, I can figure out which ones are experiencing trouble, and rectify them. The IP address is different, and many of the old scripts I was using are not built with multiple nodes in mind, so until they are modified I'm stuck with the primitive and laggy WHM interface. (Does it really have to load a list of all 1000 accounts just so I can modify ONE?)

So, we have:

• Accounts not working
• Scripts to fix this in need of modification
• Deletion requests piling up without any page to handle them
• Hundreds uninformed the site is back online
• No easy way to make account modifications
• Major inactivity at all levels
• cPanel on IsMyWebsite.com not working at all
• No explanation of current troubles
• New accounts piling up
• Nothing to spend credits on except advertising
• Little motivation to place proper advertising
• But other than this, everything is FINE!

So, as far as a plan for fixing this.

1. Broadcast a PM to explain all damages. Reconstruct the control panel and create all functionality necessary to handle future tasks. (4 days)
2. Use created scripts to assess and repair the situation universally. Email notification to all Advisors to announce this, which they should pass on to their clients. (4 days)
3. Upgrade the interface to include a delete account page. Recreate the script to provide a solution to just about all client-related problems, and improve relations through email. (4 days)
4. Upload e-books and other sales items onto reliable password-protected storage facility. Each will have a different password, and that is how items can be downloaded by purchasers. (4 days)

Any suggestions or further questions about this plan?

Patent: http://www.domainnamenews.com/registries/verisign-receives-sitefinder-patent/1559

SiteFinder: http://www.itworld.com/Man/2681/031006sitefinder/

Personally I believe if VeriSign had been less secretive about its plans and had briefed important Internet constituencies beforehand about this change to how the Internet operated, there would have been less criticism. VeriSign and ICANN eventually settled their differences re SiteFinder, and as part of the re-awarding of the .com franchise VeriSign promised never to bring a SiteFinder-like service back. But, this patent is interesting for what it means in the present, not the past.

Many companies currently resolve incorrect domain names to pages that contain advertising. They don't do it the way VeriSign did it, by changing the way the root server operates for .com addresses. But the result is the same, and would seem to be covered by the patent. Companies like Earthlink, Verizon and OpenDNS bring their customers to advertising pages every time they "fat-finger" a domain name. Just think about how  often we all do this, and you can imagine the amount of Internet traffic potentially involved. Some of these companies weren't re-directing this traffic safely -- there were security problems with the ad partner Earthlink chose to deal with:

http://www.portfolio.com/news-markets/top-5/2008/04/21/Hackers-Can-Exploit-Error-Page-Ads

So, the government seems to have handed VeriSign a new revenue stream. Letters may be going out shortly demanding a licensing fee -- or maybe they've already been sent.

UPDATE -- AP wrote story: http://biz.yahoo.com/ap/080514/techbit_internet_typos.html?.v=2

Ek (Aynı gün, 18.52): İddiamı destekleyecek bir önerme daha buldum. Erişime engellenen sürüyle site var ama diğerlerine OpenDNS'le falan erişmek mümkün. YouTube'a ise OpenDNS ile erişmek bile imkansız, ona özel koruma mı ne var. Neden? Çünkü OpenDNS'i birçok kullanıcı keşfetti diye sisteme binen yük yeniden artıyor. Engellenen diğer sitelerde bu kadar devasa bir arşiv olmadığı ve zaten YouTube'a erişen kadar fazla kişi tarafından erişimlediği için onlara özel engel konmuyor, lüzum görülmüyor. Budur.

Blokade konten negatif dari internet yang berbasis site dan url bisa dilakukan dengan squid atau OpenDNS ataupun keduanya. Di sini yang saya lakukan adalah, membuat blokade di Squid proxy dengan acl pada konfigurasinya dan memberikan dns forwarder pada bind9 ke OpenDNS. Kedua service tersebut berjalan pada satu mesin yaitu Ubuntu 7.10 server.

Pada konfigurasi squid ada fasilitas access control atau acl yang dideklarasikan pada berkas /etc/squid/squid.conf untuk kemudian diatur aksesnya melalui http_access di berkas konfigurasi yang sama. Untuk membuat blokade situs, pertama harus dibuat list keyword dan disimpan dalam bentuk text file, misalnya blocked.txt. Kemudian pada daftar acl di squid.conf ditambahkan acl dengan cara sebagai berikut.

Mengedit file /etc/squid.conf dengan nano.

user@server:~$ sudo nano /etc/squid/squid.conf

Menambahkan acl sebagai berikut.

acl blocked url_regex -i "/etc/squid/blocked.txt" # dalam tanda petik adalah full path ke keyword list

Menambahkan kendali akses.

http_access deny blocked

Jika diperlukan dapat menambahkan alasan pemblokiran dengan function berikut.

deny_info blocked http://localhost/block-info.html # jika akses ke situs terblokir, akan diredirect ke http://localhost/block-info.html, bisa diganti url lain.

Kemudian simpan perubahan pada file squid.conf dan restart squid.

user@server:~$ sudo /etc/init.d/squid restart

Kemudian blocking dengan OpenDNS, pertama harus mendaftar account terlebih dahulu ke opendns.com. Setelah terdaftar, kemudian login ke account. Masuk ke Dashboard, pilih Networks. Disinilah jaringan yang akan menggunakan layanan OpenDNS harus dimasukkan terlebih dahulu. Caranya mudah, hanya dengan memasukkan IP publik yang sudah terbaca oleh OpenDNS.

Setelah itu, masuk ke Settings. Di menu ini bisa diatur kategori kontent yang akan diblokir. Sistem blokadenya menggunakan teknik DNS resolve, jadi situs yang sudah diblokir tidak akan diresolve IP addressnya, melainkan sebuah halaman dari OpenDNS yang menerangkan bahwa halaman yang dibuka terlarang.

Konfigurasi filtering di OpenDNS ini sangat mudah, disamping cukup memilih kategori kontent tertentu, kita juga bisa memblok situs secara manual dengan memilih Block Individual Domains, ataupun meng-unblok situs yang terblok namun sebenarnya boleh diakses.

Setelah konfigurasi di OpenDNS.com, saatnya konfigurasi di bind9. Cukup dengan menambahkan forwarders di file /etc/bind/named.conf.options dengan cara sebagai berikut.

user@server:~$ sudo nano /etc/bind/named.conf.options

Pada tulisan forwarders tambahkan IP address DNS server OpenDNS sebagai berikut.

forwarders {
208.67.222.222;
208.67.220.220;
};

Kemudian simpan perubahan dan restart service bind9.

user@server:~$ sudo /etc/init.d/bind9 restart

Selesai, siap diujicoba. Dengan ini, maka jaringan yang bersangkutan memiliki blokade berlapis, dimana lapisan pertama adalah squid dengan keyword filternya. Jika lolos, maka ada barisan kedua yaitu OpenDNS yang tidak akan meresolve IP dari situs2 yang memiliki konten berbahaya. Ada baiknya ditambah keyword proxy, proxies dan spy di file keyword list untuk mencegah client mencari proxy lain untuk membaypass blokade ini, :D peace... :P Salam.

Chiamato DNS rebinding attack, funziona impiegando Javascript e costringe il browser a cambiare la configurazione del router per permetterne l'amministrazione remota da parte del malintenzionato. Una tattica simile a quella circolata qualche mese fa, diretta verso la funzionalità UPnP, che autorevoli fonti da tempo suggeriscono di disabilitare.

Si tratta di un intervento sull'impiego che fa il browser del DNS, il sistema di risoluzione dei nomi in indirizzi IP. Nel quadro della dimostrazione di Kaminsky, OpenDNS, il celebre sistema di DNS pubblico gratuito, offrirà ai propri utenti metodi per prevenire questo genere di attacchi e l'azienda aprirà un sito dedicato, che impiegherà la tecnica individuata da Kaminsky per tentare di cambiare le password dei router ritenuti vulnerabili.

Apparently 2Wire routers have a serious security flaw that is currently being exploited. Their routers are vulnerable to something known as DNS rebinding. Basically, if you visit a bad site (or one that's been infected), a script will run that will alter where your browser takes you after you type in a web address. This is very bad. For example, you go to check on your savings at yourhappylittlebank.com. Instead of going to the bank's site, you're taken to another one that looks exactly like it... but isn't. You enter your login info and find that you can't log in. Now hackers now have your account information! Sucks, huh? What's even worse is that the vulnerability has been around for over 8 months, and 2Wire STILL hasn't fixed it.

Are you at risk? Well, if you have DSL through AT&T or Qwest and got your router through them, you most likely are. What can you do? Well... not a whole lot at the moment, at least not until 2Wire gets off their collective butts and releases a patch. Download Firefox and the NoScript extension, and only allow sites you're absolutely sure are safe. And just be really really really careful where you surf. @.@

Also in the news...

If you have a Linksys router and haven't changed the default password, you're vulnerable to the same thing! Fortunately, it's easily fixed in this case, and for the technically un-savvy, OpenDNS created a service that makes it really easy to change it. While you're at it, you might as well set your router to use OpenDNS. It's a nifty replacement for your internet provider's DNS server and offers automatic web address spelling-correction (i.e. google.cmo => google.com) and blocks phishing sites (sites that trick you into giving away your personal info). Also, it's completely FREE!

Welp, that's it for today. Hopefully I'll make a habit of updating this thing. ^^

I have to say that after manually setting my DNS information, webpages felt like they were loading faster even though I'm using a slow laptop. I was quite surprised at how reliable this free service was. At first I did not think that changing your DNS server could help speed up web browsing, but after reading the "How it works" article, I got a fairly good idea of what was really happening.

Head on over to OpenDNS.com and take it for a test drive. It may or may not be better than what you have now, but it does not hurt to try. Furthermore, it is absolutely FREE and easy to set up!

En ocasiones he sufrido problemas con la conexión a Internet, debido a que los servidores DNS, de cierta compañía, se saturan. Buscando por google dí con un servicio gratuito llamado OpenDNS, que ofrece servidores DNS alternativos.

La configuración de los DNS (aquí) no es nada complicada. Siguiendo unos pequeños pasos se tendrá configurado el servidor DNS alternativo. No es necesario el registro en el sitio para utilizar los servidores DNS, pero será necesario si se desea configurar más opciones.

Una vez completado el registro al sitio, podremos utilizar:

• Filtro de contenidos. Bloquear sitios por categorías como: sitios de gobiernos, páginas de humor, deportes... y sí, también páginas pornográficas.
• Bloquear dominios individuales. Algún sitio que no haya sido previamente filtrado por el filtro de contenidos.
• Dominios permitidos. Se pueden agregar direcciones que por error hayan sido bloqueados por el filtro de contenidos.
• Estadísticas de acceso. Páginas visitadas, bloqueadas, etc.
• Redes. Podremos administrar diferentes conexiones a internet, previamente configurados los servidores DNS.
• Accesos directos. Se puede configurar direcciones cortas en la barra de navegación, ejemplo: mail, iría automáticamente a http://www.webmail.com
• Entre otros...

Si aparte de tener una conexión muy lenta debido a problemas con los servidores DNS se desea filtar el contenido, OpenDNS es una muy buena opción.