Programmer Brannon Dorsey wrote up a fascinating and fairly technical piece about the perils of DNS rebinding the other day. It's worth a read if you have even the slightest interest in how web browsers work to prevent one site — a scammy site, let's say — from sending a request to another site — your bank — and draining your accounts or manipulating your credentials (without the site's explicit permission).
When you use HTTPS or SSL, your web browsing traffic is encrypted. When you use a VPN, all of your traffic is encrypted (usually). Sometimes, even with HTTPS and VPNs in play, DNS requests -- or the way your computer translates "lifehacker.com" into numbers that your computer understands, like "199.27.72.192" are completely unencrypted, leaving you open to spoofing and man-in-the-middle attacks. DNSCrypt can lock that down. Here's how.
OpenDNS already offered a great content filtering tool that you could set up on your home Wi-Fi router. Now the DNS provider is making it easier to block impressionable eyes from adult content—and clever proxies and other work-arounds, too.
Google Public DNS is designed to speed up browsing, but depending on the kind of content you want to access, it can often have the reverse effect.
We've written many times about the benefits of pointing your router to OpenDNS instead of your ISP's ad-shoving re-direct service. OpenDNS now offers a $US10-per-year Deluxe version that offers whitelist-only surfing, customised block pages, and one year of surfing stats.
Yesterday we offered up a guide to protecting your Windows PC from the Conficker worm, set to perhaps start doing something this week. Free net service OpenDNS is another option for anyone concerned about today's not-so-funny happening.
