how-to block ads
|
|
Share Topic
 |
 |
|
|
 fcislerPremium
join:2004-06-14
Riverhead, NY
1 edit | reply to koolkid1563
Re: OPENDNS Wow...way to completely misread my post. No, I don't think or assume that. I also didn't say "HACKS", as in the sense I'm going to assume that you mean - I said hack. Here's a definition:
1. Originally, a quick job that produces what is needed, but not well.
Perfect definition in this case.
It IS a hack as there is NO, read it, NO, means for authentication via DNS. In otherwords - when I request a result from OpenDNS - it is identical to YOUR request, with the exception of our IP address'.
Now...it IS a hack that they will then have THEIR DNS SERVER check a database to find MY IP to find that I OPTED OUT of their bogus domain forwarding.
You are completely off in your assumption - I don't see OpenDNS as having ANY OTHER WAY to "fix" the results than those steps posted. If you have any other inside info - please post it.....but I don't ever recall seeing ANY OTHER DNS do that, unless specifically designed to. | |
 davidu
join:2006-12-28
San Francisco, CA | said by fcisler:It IS a hack as there is NO, read it, NO, means for authentication via DNS. In otherwords - when I request a result from OpenDNS - it is identical to YOUR request, with the exception of our IP address'. Now...it IS a hack that they will then have THEIR DNS SERVER check a database to find MY IP to find that I OPTED OUT of their bogus domain forwarding. You are completely off in your assumption - I don't see OpenDNS as having ANY OTHER WAY to "fix" the results than those steps posted. If you have any other inside info - please post it.....but I don't ever recall seeing ANY OTHER DNS do that, unless specifically designed to. There's more than just your IP address. There's the query_id mux'd in there along with some other request-specific bits that make it hard to forge a reply from us. That said, this is NO different from the way any other DNS server works. UDP is stateless and that's the name of the game.
That said, we do base preferences on your src_addr. It works very very well. It's not at all a hack just because it's new to you. It was far from a quick job and it does the job well. So well in fact that others are trying to figure out how to emulate it, including BIND.
-david | |
|
