The OpenDNS Anti-Censorship Policy
Today we published a new policy. It's something we've always honored, but we're so firm in our convictions about this particular topic that we felt it necessary to share our stance officially.
OpenDNS protects you from becoming infected with malware by blocking known malicious domains from resolving at the DNS layer and stops botnets from communicating to their command and control points. Since this protection is delivered at the DNS layer, OpenDNS is able to proactively stop infections and attacks before a user or device has accessed them.
Contact Sales
Benefits
-
Threat intelligence
Since OpenDNS resolves 1% of the world's DNS queries, it has unique insight into security threats and trends. In addition, more than 10 of the world’s leading authorities on malware sources and botnet destinations partner with OpenDNS to keep you safe.
-
Inbound malware protection
OpenDNS’s malware site protection proactively blocks access to malicious sources, greatly reducing the risk of infections. Malware encompasses traditional viruses and worms, as well as modern trojans and drive-by installers. This internet-wide protection is application-, operating system-, protocol- and port-agnostic. OpenDNS complements your existing endpoint anti-virus and network firewall solutions and strengthens your defense-in-depth strategy.
-
Outbound botnet protection
Unlike most security products, OpenDNS stops known bots on your network from phoning home. Since bots rely on DNS to connect to their master for instructions, OpenDNS is in a unique position to block that communication path. OpenDNS is able to quickly inspect every outbound request and compare it against our continuously-updated lists of known command and control servers. When OpenDNS sees a request for a known malicious site (i.e., irc.badbot.ru), OpenDNS will block the domain from resolving by redirecting the request to a block page and will notify you.
This reduces the risk of criminal organizations extracting sensitive and personally identifiable information from compromised devices or launching attacks using your network and endpoint resources. Botnets leverage DNS to constantly fast flux between hundreds of IP addresses in order to avoid detection. Only OpenDNS can effectively eliminate these connections from occurring.
Through this unique outbound approach, any botnet brought onto your network through a compromised machine will be blocked without any additional effort.
-
Phishing protection
OpenDNS created and operates PhishTank, the largest clearinghouse of phishing information on the Internet. PhishTank data is automatically integrated into your OpenDNS service, providing your users with protection against fraudulent websites that attempt to steal your personal information and money.
-
Suspicious response protection
Suspicious responses are used in DNS rebinding attacks to allow malicious scripts access to internal network resources. They do this by pointing public DNS entries to the internal network space. OpenDNS allows you to block these suspicious responses and secure your network from DNS rebinding attacks.
Learn about OpenDNS solutions for:
Network Map
Global coverage and capacity with 12 data centers across the world. 100% uptime.
I think for at least the next two years, we will continue to see the bot delivery mechanism be the delivery mechanism for the most damaging attacks.
Gartner Security Analyst
Blog
-
Feb 16
-
Feb 16
Tales from the DNSCrypt: Linux Rising
In just a few simple steps, Linux users can have DNSCrypt up and running. Here are the easy instructions.
