Open DNS Continually Fails

Discussion in 'other software & services' started by sportsfan7700, Jun 29, 2010.

Thread Status:
Not open for further replies.
  1. sportsfan7700
    Offline

    sportsfan7700 Registered Member

    When trying to use the DNS settings for vista on a fresh install, I cannot seem to access/use them after the ipv4 208.67.222.222 & 208.67.222.220. Are there any other known DNS sites I could try?

    Matt
  2. GlobalForce
    Offline

    GlobalForce Regular Poster

    Trusting you've been able to access the net via your isp's, searching "public dns servers" should provide enough ideas.
  3. sportsfan7700
    Offline

    sportsfan7700 Registered Member

    I agree just thought it was weird that open dns would always seem to fail. I know of one by google, but my question is: Do programs like open DNS & the like actually have any benefit versus your isp?
  4. J_L
    Offline

    J_L Registered Member

    Open DNS provides phishing protection (PhishTank), customizable web content filtering on various things, malware/botnet protection from wide-scale botnets and particularly malicious malware (currently Conficker and zero-day exploits), network shortcuts, typo correction, statistics, and SmartCache.
  5. wilbertnl
    Offline

    wilbertnl Registered Member

    I noticed an error in one of the DNS addresses that you mention in your post, it has happened to me that I overlooked a type error and blamed it on something else:

    opendns.jpg
  6. firzen771
    Offline

    firzen771 Registered Member

    never had a problem with openDNS, u sure ur doing it right?
  7. funkydude
    Offline

    funkydude Registered Member

    Ping the IP, if it's not responding, you probably typoed it :D
  8. sportsfan7700
    Offline

    sportsfan7700 Registered Member

    I was able to get it to connect eventually:) Took a few tries though.
  9. guest
    Offline

    guest Guest

    Try Google Public DNS: 8.8.8.8 and 8.8.4.4

    And this tool to find out the fastest DNS for your location: http://www.grc.com/dns/benchmark.htm

    Despite all the marketing... some facts:

    - OpenDNS is considerably slower than Google Public DNS in most locations of the world;

    - OpenDNS doesn't follow the approved standards for DNS handling because it displays its search page (with some ads) when you try to access an unreachable website;

    - OpenDNS PhishTank powered protection isn't effective. This PhishTank powered protection is also used by Opera browser, in combination with additional phishing protection from Netcraft, and NSS Labs proved the whole thing to be very inferior when compared to IE8's SmartScreen filters and Firefox phishing protection. Check: http://nsslabs.com/browser-security-phishing-3Q2009
    Last edited by a moderator: Jun 30, 2010
  10. bellgamin
    Offline

    bellgamin Very Frequent Poster

    Another advantage-- Open DNS (& other alternate DNS services) are sometimes markedly faster than the DNS server used by your ISP.

    To check speed of DNS alternatives (including Open DNS) get freebie at...
    http://www.grc.com/dns/benchmark.htm

    To check latency get freebie at. . .
    http://www.thesycon.de/deu/latency_check.shtml

    To easily switch between DNS servers get freebie at...
    http://sourceforge.net/projects/tcpipmanager/
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Sir Peter in the Pan posted a hair faster than me, so we duplicated on the suggestion for DNS benchmark.

    I agree that Open DNS is not the panacea for browser security. I recommend Safe Online non-free -- cheap at just $14.95 but some folks (not me) know how to get it cheaper. Buy it at...
    http://www.prevx.com/homeandfamilyusers.asp?units=1&duration=year&safe=Y#boxxfree
  11. funkydude
    Offline

    funkydude Registered Member

    Aiii, more fail posting like your KPP failure post.

    1. That's not a fact, that's the situation for YOU only. Putting the issue of trust in Google aside from my person opinion, I'll show only the facts.

    1=OpenDNS
    2=Google DNS
    3=Norton DNS
    You can see Google scores LAST. Is this going to be the same for everyone? NO! You cannot sit there and spout out "Google is faster than OpenDNS". A load of rubbish.
    trace.png

    2. I like how you spout out rubbish like this without facts. Please document the "standard" behind DNS that OpenDNS is failing to adhere by.

    3. OH WOW, Phishtank failed a MALWARE test? Who'd have though eh? FYI, although Opera has a Phishtank icon, they haven't used Phishtank in ages. They use Netcraft only, and the malware protection is fail because it's non-existent (TRUSTe).
  12. sportsfan7700
    Offline

    sportsfan7700 Registered Member

    With the test I ran:

    1). 4.2.2.2
    2). 4.2.2.3
    3). 67.19.0.10
    4). 156.154.71.1
    5. 67.10.0.10

    Can anyone 1), tell me whose dns' the following belong to?
    2. Any other free alternatives (with ip addresses) I could try?

    Matt
  13. guest
    Offline

    guest Guest

    Well, no fail posting there. KPP v1, v2 and v3 were in fact bypassed - proves are in the web, and you found the sites. The only thing I got wrong was that I thought there were already widespread malwares exploiting KPP - well, they exist as proves of concept, but aren't already widespread (my bet: they will get, eventually, when x64 gets truly dominant).

    I didn't answer you there, however, because I never feed trolling activity. By failing to agree, post after post, with the simple fact that pure 32-bit apps consume way more memory on 64-bit OS than on 32-bit OS, your posts had fallen under the trolling activity label.

    I think that the GRC DNS Speed Benchmark, pointed out on my last post and on bellgamin's post, can help give you (and anyone else) more definitive conclusions. You can also try this one: http://code.google.com/p/namebench/

    And yeah, I don't know if Google Public DNS is always faster than other alternatives. If I knew, I probably wouldn't link to the GRC tool as I did previously.

    I said that out of my experience + knowing from results of benchmarks made by other people. A "Here" word there could eliminate any misinterpretation. But I deliberately wanted to be more efusive - was trying to make counterpoints with the OpenDNS's features little marketing.

    Some informative reading:

    http://www.manu-j.com/blog/opendns-alternative-google-dns-rocks/403/

    http://www.manu-j.com/blog/opendns-vs-google-dns-which-is-better/405/

    http://www.manu-j.com/blog/opendns-upgrade-network-rising-to-the-google-challenge/408/

    http://www.pcworld.com/article/183671/google_public_dns_and_your_privacy.html

    DNS Implementation and Specification: http://www.ietf.org/rfc/rfc1035.txt

    IANA registry: http://www.iana.org/assignments/dns-parameters

    ICANN Preliminary Report on DNS Response Modification: http://www.icann.org/en/committees/security/sac032.pdf

    Please, agree with this simple fact this time. If not, I'll ignore you here again, because your post will fall again under the trolling activity label.

    Please, explore things. I'm sure you can find out what you want without my help. But you will get it, anyways: http://nsslabs.com/browser-security-phishing-3Q2009

    According to:
    http://www.opera.com/browser/features/
    and
    http://www.opera.com/docs/fraudprotection/

    Opera still uses Phishtank + Netcraft for Phishing blocking. So NSS Labs findings are relevant.

    1.
    1) and 2) are Verizon/Level 3 DNS Server. I don't recommend it - got a poor reliability history.
    3) and 5) probably are your ISP's DNS.
    4) and the 156.154.70.1 are DNS Advantage: http://en.wikipedia.org/wiki/DNS_Advantage

    2.
    The GRC tool comes with the Internet's most popular top-50 domain names.
    Also look: http://en.wikipedia.org/wiki/List_of_public_domain_name_servers#IPv4_Servers
  14. funkydude
    Offline

    funkydude Registered Member

    If another bypass is found, it will simply be patched out again.

    Words cannot describe how deep my face is in my palm right now, it's called admitting you're wrong.

    Most likely. So I ran it, and it showed OpenDNS as being better than Google, something I already knew, brilliant eh?
    test.png

    Let's look back at what you said:

    Now you're saying you don't know, but before you were saying FACT? RIGHT! :argh: Wrong again then.

    No you didn't, you said FACT. You're WRONG.

    Very informative indeed, NONE of it shows how OpenDNS isn't complying with "DNS standards". One article downplays the ethics of diverting dead links to search results.

    Simple facts? Most of it is speed test from various locations of the world proving EXACTLY my point, the location of where you live is what decides which is fastest. Just look at the London results where Google SUCKS.

    Wrong again, READ THAT LINK. It shows Opera as outperforming Chrome in PHISHING tests with over 50%. Your first link in the other post was a MALWARE test.

    I'm mildly sure it no longer uses Phishtank. But considering it blocked over 50% of phishing, I'd call it successful anyway.

    Care to share some more rubbish as "fact" now Mr Pan?

    Now before you go off and add me to your ignore list "again" apparently, and probably continue to spam these forums with utter nonsense, here a few quotes from your links about Google.

  15. HAN
    Offline

    HAN Registered Member

    Here is a DNS server list I compiled over a bit of time. It's in no order & I have not tried them all. I make no guarantee of speed, privacy policies or anything for that matter. Just thought someone might find it useful...


    Visizone:
    74.50.55.161
    74.50.55.162

    Norton DNS:
    198.153.192.1
    198.153.194.1

    Google:
    8.8.8.8
    8.8.4.4

    SpeakEasy.net:
    dns.sfo1.speakeasy.net [64.81.79.2]
    dns.sea1.speakeasy.net [66.93.87.2]
    dns.nyc1.speakeasy.net [216.254.95.2]
    dns.wdc1.speakeasy.net [66.92.159.2]
    dns.atl1.speakeasy.net [216.27.175.2]
    dns.chi1.speakeasy.net [64.81.159.2]
    dns.lax1.speakeasy.net [64.81.45.2]

    Level3:
    4.2.2.1
    4.2.2.2
    4.2.2.3
    4.2.2.4
    4.2.2.5
    4.2.2.6

    AT&T:
    68.94.156.1
    68.94.157.1

    Sprint:
    ns1.sprintlink.net [204.117.214.10]
    ns2.sprintlink.net [199.2.252.10]
    ns3.sprintlink.net [204.97.212.10]

    OpenDNS:
    208.67.222.222
    208.67.220.220

    OpenDNS (Family Shield):
    208.67.222.123
    208.67.220.123

    ThePlanet:
    ns1.theplanet.com - 216.234.234.30
    ns2.theplanet.com - 12.96.160.115

    LayeredTech:
    ns1.layeredtech.com - 216.39.90.2
    ns2.layeredtech.com - 216.39.90.3
    ns3.layeredtech.com - 72.36.190.2
    ns4.layeredtech.com - 72.36.191.2

    DNS Advantage:
    156.154.70.1 rdns1.ultradns.net
    156.154.71.1 rdns2.ultradns.net
  16. wilbertnl
    Offline

    wilbertnl Registered Member

    With regards to focusing on speed tests in this interesting threat, my understanding is that these tests may show responsiveness to a single activity, but if your system requests the IP of an address that isn't available in the DNS cache, the DNS service will forward the request to another level of the DNS structure.

    What if your DNS responds fast, but it's cache is small/incomplete?
    The point that I try to make is that I assumed that completeness of the DNS cache of your DNS service also matters.
    Would you not agree?

    - I find phone numbers of my friends faster in my 'rolex', but sometimes I do need that bulky 7 lbs phone book out to make a call.
  17. Spiral123
    Offline

    Spiral123 Registered Member

  18. firzen771
    Offline

    firzen771 Registered Member

    really? u said its pretty clearly and definitively right here that Google DNS IS faster (which for my location it isnt) backtracking it seems to cover up what u said?

  19. guest
    Offline

    guest Guest

    It's not that simple, as patches to KPP usually take years to come out (the first one came out on Vista Service Pack 1). All can happen, however, including KPP being patched more regularly.

    o_O

    Nothing special. OpenDNS probably can't be always slower than Google Public DNS in all locations. But in most locations, it is.

    Then why would I indicate the GRC tool first? Well, I think this issue doesn't deserve any other explanations as it is becoming a philosophical discussion about facts/opinions.

    All of it show, in one way or another. Some more:

    http://www.icann.org/en/topics/new-gtlds/nxdomain-substitution-harms-24nov09-en.pdf

    http://www.apps.ietf.org/rfc/rfc2308.html

    http://en.wikipedia.org/wiki/OpenDNS#Privacy_issues.2C_conflicts_and_covert_redirection

    There, I was saying "simple fact" in reference to the NXDOMAIN substitution practice by OpenDNS not complying with DNS standards.

    So, you agree that Opera is the last considering phishing+malware protection.

    Also, you agree that Opera is in third pace considering phishing protection alone. Way behind other free leaders, IE and Firefox.

    My first link had all the links you could find relevant, including this one. It is the first page of the study.

    http://nsslabs.com/browser-security-phishing-3Q2009
    just came from http://nsslabs.com/browser-security

    Prove that Phishtank isn't used anymore by Opera.

    If you can't prove: Phishtank isn't effective because even with the help of Netcraft, IE and Firefox block near 30% more phishing pages, resulting in 80%+ scores on phishing protection.

    First, I simply refuse to continue discussing when facts aren't being accepted, like the fact of higher memory consuption by pure 32-bit apps on 64-bit OS not being accepted by you on that thread.

    Second, I guess you are being irrational and offensive by saying that I spam these forums with utter nonsense. If that was the case, I'm sure I would be already banned from Wilders.

    Third, what's wrong regarding Google? Even more information: http://code.google.com/speed/public-dns/privacy.html

    OpenDNS also collects information: http://www.opendns.com/privacy/

    The information collected by them is needed to ensure proper functionality of DNS services.

    In most cases/locations it is, not in all cases. If Google Public DNS was, in all cases, faster, I wouldn't link to the GRC tool.

    Look at what I said: "OpenDNS is considerably slower than Google Public DNS". In general terms, OpenDNS is considerably slower than Google Public DNS, because, in most locations, it is indeed slower.
  20. firzen771
    Offline

    firzen771 Registered Member

    actually u culdve simply linked it so the user can give it a shot themselves, u didnt seem to have doubt in ur statement otherwise u wuldve stated it.

    and can u show me this proof that u have that in "MOST" locations, google DNS is faster? considering how big the planet is, i dont know if u can justifiably say "most" places... because its faster wer u have used it, that doesnt equal "most" places.
  21. guest
    Offline

    guest Guest

    Look at this map: http://www-files.opendns.com/img/opendns_network_map.png

    And then look at these results: http://www.manu-j.com/blog/opendns-vs-google-dns-which-is-better/405/

    OpenDNS is faster only where it already has servers: USA and some few parts of Europe. In the rest of the world (most locations), Google Public DNS is faster. This situation may change when OpenDNS release their planned servers in Germany, Brazil, India, Hong Kong and Australia.
  22. funkydude
    Offline

    funkydude Registered Member

    You and I have no clue how fast an exploit would be patched after it being found, you're simply making assumptions.

    ....
    As Google adds more DNS servers it will be faster than OpenDNS, as OpenDNS adds more DNS servers it will be faster than Google.

    Considering the Google and OpenDNS servers are in the same place, for example, in the UK (London) and OpenDNS scored better, it proves OpenDNS has a better infrastructure going.

    Stop making excuses. You stated fact, and you were wrong. :cautious:


    NONE of them state that Open DNS is flawed because it is using DNS incorrectly. You're simply linking to standards with no proof that OpenDNS is somehow harming them.

    Put it this way, a privacy issue on a redirection of an incorrectly typed domain which happens once in a blue moon, or a privacy issue for EVERY SINGLE DOMAIN you enter (a la Google). I know my choice.


    Again, the only thing you ever mention in the way of Open DNS failing at standards is the redirection.... something that's supposed to be a helpful feature.


    Malware protection has nothing to do with this discussion, stop bringing it in, I don't care about malware protection and opera, this is about the effectiveness of Phishtank's phishing protection.

    Yes, but this debate is about the speed of OpenDNS not the effectiveness of Phishtank, which is solely run by user votes not paid employees. It is a freebe that comes with OpenDNS with no extra expense of speed. So basically extra protection and no cost of speed, sounds good to me.

    Most phishing sites I submit to phishtank, which are then accepted, aren't blocked by Opera


    No. You obscured the facts. You were trying to pull off that 64bit memory usage is very high, when in reality, it is minimally increased.

    There's a difference between spamming nonsense, and spamming nonsense with attempts at proof, when you genuinely think you're right. Why would you get banned for trying to prove a point, even if you are wrong.


    OpenDNS only collects stats for use in your OpenDNS CPanel. Google harvests your privacy because that's how it makes it's money.

    Again I must bring us back to Google and OpenDNS being in the same location in London and Google failing. I'm willing to bet that if OpenDNS had a server in every location Google did, it would be faster too. The only reason you currently think it's faster is because Google has servers closer to the tested areas. I need not remind you that OpenDNS is continually adding more servers, as well as Google.

    THANK YOU for finally admitting it's all about location.


    I love how you state "OpenDNS is faster only where it has servers", as if that's the only thing it has going for it to make it faster *Cough* Google DNS is only faster where it already has servers. See what I did there? What does that do? Bring me back to my original point that speed varies for EVERYONE. There is NO FACTS that Google DNS is faster than OpenDNS.
  23. Cudni
    Offline

    Cudni Global Moderator

    This is turning into a personal argument, You this and You that. Please stop it and concetrate on discussing the subject at hand with civility. Thank you all
  24. sportsfan7700
    Offline

    sportsfan7700 Registered Member

    I have started to use DNS Advantage for the time being. I will evaluate it and see how things go. I also may run another test to see.
  25. J_L
    Offline

    J_L Registered Member

    Any better free alternatives then? Don't really care about speed (tested second fastest using benchmarking behind my ISP's), but it's the security that matters. My network also have some normal users on it..
    The ads aren't a problem when almost every website have them. AdBlock Plus, and they're pretty much all gone.

    Not going to use Norton because it seems to censor too much without my control. Comodo, DNS Advantage, and Google DNS doesn't seem to offer any protection to my machines (when I tested them), although their servers may be more secure.

    OpenDNS still seems to be the best choice imo.
    Last edited: Jun 30, 2010
Thread Status:
Not open for further replies.