Use OpenDNS To Protect Your Business Network

26.03.2009
If you aren't using to protect your small business network, now is the time to take the few minutes to set it up. It is well worth the investment, it is free, and it will protect you from any number of issues in the future. And you might get better browsing performance as a result that your users will thank you for.

Before I tell you how to do this, let's have a brief explanation of what the Domain Name System is for those of you that really want to know. Think of what a phone book does -- it allows you if you know someone's name to look up their phone number. The DNS does something similar, except for computers: if you type in "google.com" it translates that name into a sequence of four numbers, called an IP address, which in this case for google.com is 72.14.207.99.

The overall Internet infrastructure has a series of master phone books, or DNS root servers, located at strategic places around the world and maintained by a collection of public, semi-public, and private providers. They talk to each other on a regular basis; to make sure that as we add new domains they are in synch. As you can imagine, if someone wants to "poison" one of the entries, or misdirect Internet traffic to a phony domain, it can be done with the right amount of subterfuge. This is what happened last year ago when an Internet provider in Pakistan managed to block access to all of YouTube when they were just trying to keep Pakistani citizens from viewing a single offensive video.

Here is where comes into play. When you set up your network, typically you don't give your DNS settings any further thought. If you have a cable or DSL modem, you hook it up and it automatically gets its DNS settings from the cable or phone company's DNS servers.

What I am suggesting is that you change these settings, to reflect the DNS servers at OpenDNS. This is a free service, and in case you were wondering, they make money on serving ads when you type in a domain that doesn't exist. There are instructions on their Web site based on the router that you use on your network and the whole process shouldn't take you more than a couple of minutes to read through them and implement the changes.

There are a few nice things about using . First, you can set it up to block objectionable domains, so you can protect yourself from any lawsuits. They also spend time to block known exploit domains, so you have a better chance of not getting trapped by some hacker. You also get better DNS service, because they have servers that will return the domains supposedly faster than the ones for the general Internet. They also catch common typos in domains, so if you are like me and make mistakes typing in names in your browser, they can usually direct you to the place you intended.