KoRnGtL15Premium
join:2007-01-04
Grants Pass, OR | Comodo DNS vs OpenDNS..... Any reviews/thoughts on the 2? Trying to decide which 1 to go with. |
|
 w8sdz
join:2001-05-21
Port Orange, FL | I recommend OpenDNS. Reasons:
»windowssecrets.com/2009/07/09/02···e-tricks
In case you are wondering why OpenDNS is so reliable and provides fast response to DNS queries, The secret is Anycast:
»www.answers.com/topic/anycast
--
73 de w8sdz - sip:271752@us.voxalot.com
|
|
 ZZZZZZZPremium
join:2001-05-27
PARADISE | reply to KoRnGtL15
Why would anyone trust Comodo? |
|
|
|
 SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by ZZZZZZZ:Why would anyone trust Comodo? Why would anybody not trust Comodo? |
|
 MarkAWBarry WhitePremium
join:2001-08-27
Canada
kudos:16 | said by Steve:said by ZZZZZZZ:Why would anyone trust Comodo? Why would anybody not trust Comodo? Hmmm lets see the fiasco with the Certificates for one.
--
Sometimes we lose friends for whose loss our regret is greater than our grief, and others for whom our grief is greater than our regret. François de la Rochefoucauld
Sometimes the appropriate response to reality is to go insane |
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by MarkAW:[Hmmm lets see the fiasco with the Certificates for one. You mean the one where the bad guys were serving malware from a Comodo-SSL bearing site, and where Comodo revoked the cert within 24 hours?
Or is there something else? |
|
ZZZZZZZPremium
join:2001-05-27
PARADISE | »www.wilderssecurity.com/showthre···t=242453
--
~~Get our troops home...now!!~~ |
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | I don't get it - lots of companies offer domain validation certs, it's automated (I have tons of DV certs from GoDaddy - they've never checked into me).
I looked at the Wilders thread, and other places as well, and I still don't get what the beef is. You can't tell from a domain name whether it's gonna be bad or not, and the whole purpose of DV certs is that they're cheap and fast.
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Orange County, California USA | my web site |
|
ZZZZZZZPremium
join:2001-05-27
PARADISE | That's fine if you choose to trust them.
After this and the way they treated [lied] to all Boclean users.......I will never install or use 1 of their products ever.
--
~~Get our troops home...now!!~~ |
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | I have no dog in this fight, and I only care about making an accurate assessment of risk. I am seriously open to input (I'm considering a code-signing cert from Comodo).
My suspicion: they offer domain-validated certs cheaper than others, so they get lots of interest... including from the bad guys. I don't have any evidence that they have done anything to encourage the bad guys in particular, other than offering a product that the broad market finds attractive.
I don't know anything about the Boclean matter, and (as a disinterested party) am not sure I'd care all that much.
Steve
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Orange County, California USA | my web site |
|
 Its a SecretPlease speak into the microphonePremium
join:2008-02-23
Da wet coast
kudos:3 | reply to KoRnGtL15
All in all, my vote's for OpenDNS. |
|
 danny9Go Ahead, Make My DayPremium
join:2002-07-14
Clinton Township, MI
kudos:2 | reply to KoRnGtL15
Not much of a choice here but I would go with OpenDNS.
Have used it in the past.
The only problem I had was it would not open some sites I normally went to.
Now I just use the DNS from my ISP.
I have no problems with that. 
As far as your alternative, would not even consider it.
--
"In times of universal deceit, telling the truth becomes a revolutionary act.."
George Orwell |
|
 omnibusPencil.. Yum
join:2002-01-23
New Zealand | reply to KoRnGtL15
If your ISPs DNS servers work fine, you should stick to it instead.
Griefer groups could easily muck around with 3rd party DNS providers, blocking people from viewing certain websites.
How? By mass-flagging the website as malicious, spyware etc.
As noted here - »bit.ly/4fLFTL |
|
 NetFixerFreedom is NOT freePremium
join:2004-06-24
Murfreesboro, TN
 ·Vonage
 ·Cingular Wireless
 ·Comcast
 ·AT&T Southeast
| reply to Steve
said by Steve:I have no dog in this fight, and I only care about making an accurate assessment of risk. I am seriously open to input (I'm considering a code-signing cert from Comodo). I don't have a code-signing certificate from Comodo, but I (and several clients) do have web server certificates from Comodo, and in each case only a temporary 30 day certificate was initially issued until Comodo checked to verify the validity of the applicant. In my case, I know that they contacted D&B because I got a heads up from them that Comodo had made an inquiry.
I think most of the animosity from some of the regulars here and in other "security" forums is due to dissatisfaction with some of the Comodo PC software. I don't have a dog in that fight either since I have never used any of their PC software.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander. |
|
 ironwalker World RenownedPremium,MVM
join:2001-08-31
Keansburg, NJ
1 edit | reply to KoRnGtL15
I don't use OpenDNS anymore ....I use an alternate root server but forgot from withwhome, sorry.
As for comodo, I trust them. |
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to Steve
said by Steve:said by MarkAW:[Hmmm lets see the fiasco with the Certificates for one. You mean the one where the bad guys were serving malware from a Comodo-SSL bearing site, and where Comodo revoked the cert within 24 hours? Or is there something else? I'm sure you are aware of the Mozilla situation and also the situation regarding Comodo continuing to issue certs to known malware providers. So, what is with the deliberate obtuseness?
I know you have little to no respect for my opinion but I have continued to have respect for your opinions in this forum and sometimes I have agreed with your opinion. I suggest that before you make a very foolish decision regarding acquiring a Comodo code-signing cert that you do some research into the business ethics of the CEO of Comodo.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 hayc59Im Your HuckleberryPremium
join:2001-02-26
David R.I.P.
kudos:20 | reply to KoRnGtL15
Totally behind you on this one Mele!!
Comodo's past practices alone should
make a fella stop and stop again and then rethink
and then run away!!....very fast  |
|
SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | reply to Mele20
said by Mele20: I'm sure you are aware of the Mozilla situation and also the situation regarding Comodo continuing to issue certs to known malware providers. Comodo revoked the Mozilla.com cert when the problem was pointed out, suspended the registrar (PositiveSSL), and have looked into why this happened. Shenanigans happen with certs all the time - people have managed to perform fake transfers of big domains with other providers too.
As to the selling certs to known-malware, I haven't seen any evidence that this is anything other than bad guys abusing the entire low-assurance cert process.
Is there some procedure or policy that keeps (say) GoDaddy from doing the same thing? Or is it just that Comodo is cheaper?
Steve — really, I'm not being obtuse.
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Orange County, California USA | my web site |
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to KoRnGtL15
said by KoRnGtL15:Any reviews/thoughts on the 2? Trying to decide which 1 to go with. I wouldn't touch Comodo's DNS with a hundred foot pole not even if I was handsomely paid to do so.
As for Open DNS, I don't care for the tracking and loss of privacy. I've done tests and Open DNS is not as fast as Level 3's public DNS servers for me. I recommend you use Level 3's servers as there is no tracking. You do not need to register with Level 3 or allow cookies or allow redirection to an advertising page instead of getting a proper error message in your browser if you mistype the address, etc.
I also recommend that you get http://www.grc.com/dns/benchmark.htm free utility from Steve Gibson. It is not quite finished but works just fine. Use it to determine whether or not Open DNS or Level 3 DNS is faster. If you decide to use Level3 DNS servers use DNS BenchMark to tell you which of the Level 3 servers are the fastest in your area. For some people in certain areas none of the Level 3 servers are fast, for others all of them are fast, and for others some are fast and some are slow and, occasionally, which are fast and which are slow, in a given area changes. You can use DNS BenchMark to track, and note, any of these conditions or changes and change your Level3 servers accordingly.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 Santa FeIf it is to be, It is up to me.Premium,ExMod 2002-7
join:2000-08-22
Freight Yard
kudos:2
·Mediacom
| reply to KoRnGtL15
I've tried both (seem to be in the Minority here ) and of the two, I have to give OpenDNS the edge at least speed wise.
Learned something new though, never knew you could change security options, and Knowledge is HALF the battle!
--
I'm Forever Folding For Team Helix
Autism Speaks, Please Listen! |
|
