LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Security concern about OpenDNS (http://www.linuxquestions.org/questions/linux-networking-3/security-concern-about-opendns-4175424458/)

leosubhadeep 08-28-2012 02:04 PM

Security concern about OpenDNS
 
For aroud a month, I have been using OpenDNS. I must admit my internet speed has become a little faster, though not as per expectation. I'm happy with my current speed.
The concern is about the security, as many important data is transacted over my network. :newbie:
I ask suggestions regarding this.

Thanks in advance.

unSpawn 08-28-2012 05:57 PM

Quote:

Originally Posted by leosubhadeep (Post 4766696)
The concern is about the security, as many important data is transacted over my network.

Could you briefly outline what your concerns are, the type of transactions and if you encrypt your in transit data?

leosubhadeep 08-29-2012 04:14 PM

Quote:

Originally Posted by unSpawn (Post 4766875)
Could you briefly outline what your concerns are, the type of transactions and if you encrypt your in transit data?

Well, sometimes I do online banking transactions and other financial transactions required for my work. Also, source codes of project files are passed over the connection. No I don't manually encrypt my data, it's another thing the clients (e.g. banks) use their own kind of protections.

I use Google Apps for my business, still have a doubt about any leakage (output) / attacks (input) for OpenDNS.
Do you use it yourself? Actually I was looking for a LQ guy who uses this, as OpenDNS site claims a lot and so every service provider does! :D

jefro 08-29-2012 05:25 PM

OpenDNS if bought as a service may provide some small amount of security. The free IP is a good start but dns can't provide security. Data security is a number of practices that secure your system. The list is extensive. Knowing and using more of them increases your security.


I'd use a live cd of a hardened OS.

unSpawn 08-29-2012 05:59 PM

Quote:

Originally Posted by leosubhadeep (Post 4767732)
Well, sometimes I do online banking transactions and other financial transactions required for my work. Also, source codes of project files are passed over the connection. No I don't manually encrypt my data, it's another thing the clients (e.g. banks) use their own kind of protections.
I use Google Apps for my business, still have a doubt about any leakage (output) / attacks (input) for OpenDNS.

Simply put servers serve and accept data, routers route traffic and domain name servers basically resolve host names to IP addresses. So while you expose (reverse) host names to the latter in requests you don't leak more data to them than that.


Quote:

Originally Posted by leosubhadeep (Post 4767732)
Do you use it yourself?

No I don't. For one I don't need the phishing / malicious / "family" / whatever else filtering Norton, Advantage, Google Public and other free DNS services come with and I don't like the redirects (they've got to pay bills too). I want a reliable answer like "NXDOMAIN" because last time I checked Open Standards were the foundation of networking and not adverts.


Quote:

Originally Posted by jefro (Post 4767764)
I'd use a live cd of a hardened OS.

@OP: please see this thread.

leosubhadeep 08-30-2012 12:44 AM

Quote:

Originally Posted by unSpawn (Post 4767779)
Simply put servers serve and accept data, routers route traffic and domain name servers basically resolve host names to IP addresses. So while you expose (reverse) host names to the latter in requests you don't leak more data to them than that.

Glad to know that. Thanks a lot.

No I don't. For one I don't need the phishing / malicious / "family" / whatever else filtering Norton, Advantage, Google Public and other free DNS services come with and I don't like the redirects (they've got to pay bills too). I want a reliable answer like "NXDOMAIN" because last time I checked Open Standards were the foundation of networking and not adverts.[/QUOTE]

Couldn't get a single line. What were you trying to say? :(

jschiwal 08-30-2012 12:55 AM

You can use OpenDNS' family filter to block unsuitable sites. The blocked sites are more likely to contain malware.
For an SMB I'd recommend using a dedicated netbook for online banking transactions. Do one of only two things, your banking or security updates. When not doing this, power down and lock it in your safe.

leosubhadeep 08-30-2012 03:01 AM

Quote:

Originally Posted by jschiwal (Post 4767970)
You can use OpenDNS' family filter to block unsuitable sites. The blocked sites are more likely to contain malware.
For an SMB I'd recommend using a dedicated netbook for online banking transactions. Do one of only two things, your banking or security updates. When not doing this, power down and lock it in your safe.

That was what I had wanted to know. Thanks for telling me about the "Parental Control". But using it enabled, my bank's website isn't showing up properly.
The idea of a dedicated netbook is good. I must consider it for my transactions.

leosubhadeep 08-30-2012 08:10 PM

Trying to use Google's public DNS before making any decision. OpenDNS truly has to pay bills, too; I just overlooked that my privacy can be compromized. Google is reliable, but not giving as much speed as OpenDNS in Linux.

leosubhadeep 09-08-2012 12:13 PM

Guys, I think I was doing wild-goose-chase. So sorry for wasting your valuable time. :(

I think no OpenDNS/Google DNS service can give me a faster browsing experience since they are all US-based and I'm using all aspects of Ubuntu (from software source to locale) of India. I am using BSNL broadband service, so my common sense tells me that OpenDNS is totally useless and uncontextual for me and I'd better not use it as I'm somehow disclosing my identity (e.g. logging in to OpenDNS).:o

I think I'm right, but I'll really appreciate if at least two of senior members tell me that I'm thinking right.

NyteOwl 09-08-2012 02:05 PM

You use apps hosted by a third party known for data mining on their servers to run your business and your worried about your DNS?

leosubhadeep 09-08-2012 04:00 PM

No one can know everything
 
Quote:

Originally Posted by NyteOwl (Post 4775758)
You use apps hosted by a third party known for data mining on their servers to run your business and your worried about your DNS?

Yes, I'm worried (or was worried) abount my DNS. I think I know the apps I run well, but unsure/ignorant about DNS. Is that a problem? I eat KFC meals occassionally, KFC is known to me, but I don't know their secret recipe.

jefro 09-09-2012 12:16 PM

OpenDNS is a good product. It is part of a total security collection of best practices. Using more of them helps protect your data.

NyteOwl 09-14-2012 02:32 PM

I'd be more worried about Google having complete access to my data but to each their own.

leosubhadeep 09-14-2012 04:01 PM

Quote:

Originally Posted by NyteOwl (Post 4780540)
I'd be more worried about Google having complete access to my data but to each their own.

Haha, I agree! Nosey Google, they even want to know (probably) what you have worn underneath yourpants. :D


All times are GMT -5. The time now is 06:35 PM.