Chris Mosby at myITforum.com

OpenDNS is an awesome service!!  I use it at home and I also have my parents network setup for it as well, which allows me to block sites that I know are bad when I come across them while keeping track of secuirty exploits 

Brian Krebs on Computer Security

When Blocking Porn Isn't Enough

Last year, Security Fix looked at a free service that helps parents and other network administrators block adult Web sites for all of the PCs they control, without installing any software. Now, the company and community that built that service has expanded it to allow administrators to filter a wide range of online content, from hate speech sites and social networking forums to sites promoting drugs and alcohol.

The service comes from OpenDNS, the company responsible for Phishtank.com, a community-based effort that collects data on phishing sites. Phishtank's data about scam sites is fed to anti-phishing features built into Web browsers like Firefox and Opera.

For several months now, OpenDNS has offered that anti-phishing service - along with the adult site filtering feature - to anyone who creates a free account with the company. OpenDNS is now rolling out a beta feature that allows users to block content based on a variety of user-selected categories, including sites that center around drugs, alcohol, gambling, weapons, hate speech, social networking, or any one of nearly two dozen other potentially charged issues.

The new filtering beta takes the same community-based approach that built the Phishtank. Users can vote on whether a given site is properly included in a given blocking category, and/or they can suggest new categories and submit sites for inclusion or removal.

OpenDNS filters out Web page requests at the domain name system (DNS) level. DNS is responsible for translating human-friendly Web site names like "example.com" into numeric, machine-readable Internet addresses. Anytime you send an e-mail or browse a Web site, your machine is sending a DNS look-up request to your Internet service provider to help route the traffic.

Most Internet users use their ISP's DNS servers for this task, either explicitly because the information was entered when signing up for service, or by default because the user hasn't specified any external DNS servers. By creating a free account at OpenDNS.com, changing the DNS settings on your machine, and registering your Internet address with OpenDNS, the company will block whatever content you have specified.

You can change the DNS settings on each computer in your home. But if your network is behind a wireless router, a speedier and more reliable solution is to change the DNS settings on the router (see this link for instructions broken down by router model). That should cover all of the systems that connect to that router.

When I last wrote about this filtering service, I received quite a few comments from readers who took issue with the idea of parents deciding what sites their children should be permitted to visit online. Most who were critical of this approach said parents should instead focus on explaining to their kids why such sites are inappropriate and should be avoided.

But for a lot of parents -- particularly those with very young children -- that approach only goes so far. As nearly anyone who has been online for any length of time can attest, it is often quite easy to start out online at one completely innocent site or simple Web search, only to end up in the back alleys of the Internet's red light district with an errant click.

Finally, I should note what OpenDNS gets out of this whole operation. When OpenDNS users mistype a domain or enter a Web site name that doesn't exist, the service will try to determine which site you meant to visit. So, if you accidentally type "linux.cmo," it takes you to "linux.com." But if it can't fix the domain you typed, it serves you targeted text ads. In addition, users can decide whether they want the company to maintain logs of the sites they've visited, or whether the data should even be stored in the first place (logging is turned off by default).

By Brian Krebs |  February 26, 2008; 1:28 PM ET Fraud , From the Bunker , Misc. , Safety Tips
Previous: YouTube Censorship Sheds Light on Internet Trust |

Source: When Blocking Porn Isn't Enough - Security Fix