Open_DNS
@rr.com | Ah...OK
So that's why my OpenDNS slowed down so much a lot during the week. A lot of TWC people (I'm one of them) were moving over to OpenDNS instead of using their default from TWC. That makes sense now. |
|
Hazy Arc
join:2006-04-10
Greenwood, SC | OpenDNS
quote:
Of course switching to OpenDNS temporarily (or permanently, if you like their service) should help users.
In this day and age, it is foolish to use your ISP's DNS servers. |
|
zed260
join:2007-09-30
Cleveland, TN | persoanly
i use 4.2.2.1 and 4.2.2.2 as my dns best dns i know of |
|
robl27
Premium
join:2008-07-16
Mary Esther, FL
 ·Cox HSI
 ·Vonage
| Open DNS = EVIL
try using something that doesn't redirect your pages to their oops, i fucked up on the spelling site..
such as 4.2.2.2 and 4.2.2.3 (level 3 DNS)
(NOTE: you shouldn't have to opt out of open dns's plans to redirect you, it should be off by default, not everyone comes to this site and learns)
-Rob
--
Our 96K BroadBandStream
Our Dial Up Stream
Chat with us (IRC)
follow me on Twitter |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
 ·Pacific Bell - SBC
| said by robl27  :(NOTE: you shouldn't have to opt out of open dns's plans to redirect you, it should be off by default, not everyone comes to this site and learns) The revenue model for OpenDNS requires that redirection be on by default. How would they cover the cost of operation if they didn't generate ad revenue by redirection?
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
Hazy Arc
join:2006-04-10
Greenwood, SC | Exactly. They even recommend that you register so that you can modify the settings for your IP address/range exactly to your liking. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to Hazy Arc
Re: OpenDNS
said by Hazy Arc :In this day and age, it is foolish to use your ISP's DNS servers. They work for me:
First pair are ATTIS, which are assigned to my connection by 'at&t Yahoo! HSI'.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to zed260
Re: persoanly
4.2.2.2 has not worked for me for a couple of weeks, now:
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
battleop
join:2005-09-28
00000
| 4.2.2.2 still works. There may be a problem else where.
battleop@toybox4:~$ nslookup
> server 4.2.2.2
Default server: 4.2.2.2
Address: 4.2.2.2#53
> google.com
Server: 4.2.2.2
Address: 4.2.2.2#53
Non-authoritative answer:
Name: google.com
Address: 209.85.171.100
Name: google.com
Address: 74.125.45.100
Name: google.com
Address: 74.125.67.100
> dslreports.com
Server: 4.2.2.2
Address: 4.2.2.2#53
Non-authoritative answer:
Name: dslreports.com
Address: 209.123.109.175 |
|
iansltx
join:2007-02-19
Golden, CO | reply to zed260
4.2.2.1-6 have all worked at least for me, and due to location they're much faster thn OpenDNS. Especially 4.2.2.4-6; ping 'em and I get 12ms most of the time. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to battleop
said by battleop :4.2.2.2 still works. There may be a problem else where. Maybe an ACL, or just some local Level 3 issue. Their DNS servers, and they use "Anycast" on their DNS servers.
Not really a problem for me, just an observation. All three DNS providers, ATTIS (my ISP), OpenDNS, and Level 3 are using "Anycast", and all three ping within 12 ms of my location. The 'ns_bench' test generally shows a slight edge to the ATTIS DNS servers, so I only use the others for experimenting.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
rcm
join:2004-02-16
Pulaski, TN | reply to robl27
Re: Open DNS = EVIL
level 3 dns for the win
4.2.2.2 and 4.2.2.3 have worked for me for a very long time with no hiccups |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA | reply to iansltx
Re: persoanly
Did OpenDNS deploy a new DNS server cluster closer to Texas than Chicago, Illinois?
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to rcm
Re: Open DNS = EVIL
said by rcm :level 3 dns for the win Depends:
ATTIS seems to work better for me.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
thedragonmas
join:2007-12-28
Albany, GA
| dreamhost webhosting affected too!
taken from »www.dreamhoststatus.com/
quote:
Our DNS servers are currently running slowly/failing to do lookups. This is causing some of our sites to resolve slowly or not at all. Our admin team is working on the issue right now. More updates to come.
Update: We are experiencing a DNS flood to our primary DNS servers which has stopped for now but the admin team is continuing to investigate so that we can attempt to avoid and further issues related to this incident. We apologize for the inconvenience!
Update: We have found the source of the problem. It looks like there is a windows trojan going around that attempted to make contact with a domain that is pointing to our nameservers, but isn’t actually being hosted by us (was likely an old customer that removed it from hosting, but didn’t change the nameservers to point away from us). This caused the flood of traffic to come in and overwhelm our DNS servers. You can find more information about this trojan here:
»www.sophos.com/security/analyses···taa.html
Unfortunately, DNS attacks are nearly impossible to stop if they’re well crafted. In this case, all of the traffic is perfectly legitimate and there’s nothing special about the packets that any protection system could really block. We are in contact with verisign (the registrar of that domain) now to try and stop this domain from pointing to our nameservers and are doing everything we can on our end to resolve this issue.
Update: This issue should now be resolved, as we’ve been able to filter out traffic for the offending domain, and send it to the bit bucket! We haven’t seen a surge in DNS traffic since 02:20pm PST, so things are in the clear!
Update: Unfortunately, we are still being attacked sporadically even after blocking this virus and are still investigating the issue. We are not the only ones being affected by this. Time Warner cable is also suffering from this as well:
»arstechnica.com/security/news/20···vice.ars
We’re doing all that we can to resolve this issue, but since it’s out of our control there’s only so much we can do.
|
|
SLD
Premium
join:2002-04-17 | reply to Hazy Arc
Re: OpenDNS
Just like using your ISPs email service. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA | Not quite. |
|
Smith6612
Premium
join:2008-02-01
united state | reply to thedragonmas
Re: dreamhost webhosting affected too!
Dreamhost saying it's a trojan is probably right on the ball, if even Time Warner is having issues with their DNS servers. I haven't seen Verizon's servers get flaky (yes I use ISP DNS), but hope this clears up for everyone soon. |
|
warbman
@rr.com
| Attack is Justified
Time Warner Executives are subverting visa laws by allowing foreign operatives to displace American workers using WebX. WebX allows foreign operatives to work from another nation and replace most any job in their organization without conforming to Visa laws.
Thus Executives and the CEO is able to enrich themselves while putting another American Family on the street. They are quite calculated in their search for profits and know no mercy or social responsibility.
I support the hacker attack on Time Warner Executives because of their unscrupulous and unconventional war tactics that they wage on American employees.
I hope the attacks intensify because it is the only way to help American families feed their children. We need the jobs here on American soil. When the Executives stop waging unconventional warfare on their employees I expect the attacks to diminish.
If TW CEO’s and Executives continue to wage unconventional warfare against their employees then I will cancel my service. |
|
DNSmasq
@rr.com
| Use DNSmasq to shotgun your request to multiple servers
I took somebodies advice a ways back and setup my Linksys router with DDWRT, then did some extended configuration of DNSmasq. Now my router forward my DNS requests to multiple DNS servers from multiple providers at once and uses the quickest reply.
Just put this in to your DNSmasq options box and reset your modem.
## Extended DNS setup
all-servers
domain-needed
filterwin2k
bogus-priv
stop-dns-rebind
# Kill DNS redirection by TWC for unknown domains
bogus-nxdomain=208.67.219.132
# Local DNS GUI option enabled = Use ISP DNS servers received through DHCP in addition to DNS servers below.
## Additional DNS servers
# Level3 AnyCast DNS servers
server=209.244.0.3
server=4.2.2.2
# Speakeasy DNS servers
server=64.81.45.2
server=64.81.79.2
# OpenDNS AnyCast DNS servers
server=208.67.222.222
server=208.67.220.220
|
|
