I just found out, while helping my mother shop for shoes, that opendns is now blocking sites by default. This one was for "phishing" (fuck off... it's a local shoe store) but they also block "tasteless" and "pornographic" sites apparently (I'd never know... I use a VPN for dodgy sites so they don't get my IP address etc.). The only thing wrong with the shoe store is that they have a self signed certificate (which I can proceed through in Firefox), but opendns won't let me go to the https or http address because it's blocked for "phishing".
It was supposed to be, and used to be, unfiltered unless you register and enable it, but it seems they have changed policies from opt-in, to opt-out, such that you have to register and jump through hoops to turn it off for your IP address (and if it changes, you'll forget to go in and change it). I've been using OpenDNS for decades, but they seem to be affiliated with Cisco now.
I'm not using their "Family Filtering" servers, just the normal ones (208.67.222.222, 208.67.220.220) so I didn't expect this.
https://support.opendns.com/hc/en-us/ar ... d-Security
I refuse to sign up and jump through their hoops. So now, there are NO DNS providers that I trust (certainly never an ISP's DNS). I guess I'll have to set up my own. I always have a good route to this server so I can set up bind and use it for my local DNS. I'll just have to watch for DNS reflection attack tomfoolery since I'll be responding to queries.
OpenDNS seems to be blocking sites by default now
Forum rules
Behave
Behave
Re: OpenDNS seems to be blocking sites by default now
So I thought the easiest way was going to be to just sign in at OpenDNS (Actually a password reset because I already had an account from a very long time ago and while I didn't forget, I didn't think it would be valid anymore, a different system etc.)
I'm actually guilty of the same thing I'm complaining about, I had an IP address entered in there that looks like it's from the ISP I had in 2002 lol. I had entered it just to ensure that no filtering was enabled and it wasn't back then by default.
My current IP address is already in use, someone that had it before me must have configured it and not updated/removed it. I hadn't really thought much about it before, but that's utterly ridiculous that any dickhead can bung you up by having configured an IP address before.
So I'm waiting on a support request to have it removed so I can use it. In the mean time I'm being referred to useless faqs and kb articles. The FAQ entry for this problem IS to contact support lol
I like OpenDNS because it's fast, reliable and honours TTLs. It does not take long for an IP address change to have proper records at OpenDNS. That makes the Internet more reliable.
I'm actually guilty of the same thing I'm complaining about, I had an IP address entered in there that looks like it's from the ISP I had in 2002 lol. I had entered it just to ensure that no filtering was enabled and it wasn't back then by default.
My current IP address is already in use, someone that had it before me must have configured it and not updated/removed it. I hadn't really thought much about it before, but that's utterly ridiculous that any dickhead can bung you up by having configured an IP address before.
So I'm waiting on a support request to have it removed so I can use it. In the mean time I'm being referred to useless faqs and kb articles. The FAQ entry for this problem IS to contact support lol
I like OpenDNS because it's fast, reliable and honours TTLs. It does not take long for an IP address change to have proper records at OpenDNS. That makes the Internet more reliable.
Re: OpenDNS seems to be blocking sites by default now
So fuck this... I ordered a static IP address from my ISP today (should have it by tomorrowish). It's even a real static IP, where I'll have to manually configure my routers with subnet mask and gateway, not just a DHCP reservation.
As part of the deal, I get a free speed increase to 150 Mbit/s (currently 100, actual 120... I hope the same thing happens with this lol) and by agreeing to a 3 year contract, it's not even going to cost much more (I think I'll be paying about $6 more a month for the static IP instead of $16.95)
My IP address is almost static, it stays the same for a long time, but this OpenDNS shit showed me that I should have a static IP. I use it for access control, and whitelisting etc. too and if it changes I have to remember to change that stuff.
As part of the deal, I get a free speed increase to 150 Mbit/s (currently 100, actual 120... I hope the same thing happens with this lol) and by agreeing to a 3 year contract, it's not even going to cost much more (I think I'll be paying about $6 more a month for the static IP instead of $16.95)
My IP address is almost static, it stays the same for a long time, but this OpenDNS shit showed me that I should have a static IP. I use it for access control, and whitelisting etc. too and if it changes I have to remember to change that stuff.
Re: OpenDNS seems to be blocking sites by default now
Sounds like a good deal. And that's cheap! I've never paid less than about $70 for any ISP in the last 20 years, even back when all I had was 20 Mbit/s. $90 - $130 has been typical.
Here's my current speeds:
Here's my current speeds:
- speedtest.jpg (51.41 KiB) Viewed 29256 times
Re: OpenDNS seems to be blocking sites by default now
I pay about $137 a month for business phone and internet right now, this will up it to around $143'ish. I could get (multi) gigabit service from this ISP but I'm not sure about the infrastructure right here, and it would likely get considerably more costly.
I actually heard back from OpenDNS, they removed the old IP address from the system. That wasn't so bad after all, about 36 hours I think.
I actually heard back from OpenDNS, they removed the old IP address from the system. That wasn't so bad after all, about 36 hours I think.
Re: OpenDNS seems to be blocking sites by default now
So I'm not sure if filtering is enabled by default now on OpenDNS. It may have just been because someone else configured it for the IP address I had.
I'm all set now, statically configured and I added my new IP address ("network") to OpenDNS and it was already set to None for filtering. I'm not sure if it's because that's what I had before or default none. Probably it still defaults to none.
Anyway, 150/20 service now. No extra speed on top of that, so it's only 30/10 more than I was getting before with 120/10. (It was supposed to be 100/10)
I'm all set now, statically configured and I added my new IP address ("network") to OpenDNS and it was already set to None for filtering. I'm not sure if it's because that's what I had before or default none. Probably it still defaults to none.
Anyway, 150/20 service now. No extra speed on top of that, so it's only 30/10 more than I was getting before with 120/10. (It was supposed to be 100/10)
Re: OpenDNS seems to be blocking sites by default now
This time OpenDNS blocked the local ISP, brucetelecom, for "phishing". I have an email address on that domain for communicating with the datacenter (fat lot of good my email would do if my server is down or unreachable) and I haven't been able to check it since last night. I went to go to their website to see if there were any notifications or anything and... blocked by Cisco Umbrella. So I stuck 1.1.1.1 at the top of my resolv.conf and bingo, email started working.
I sent an angry false positive report. Then I went in to check my settings at OpenDNS again and found that now it's under a separate "Security" category and phishing was enabled (doh!). It's disabled now and seems to have taken effect and it's working. There's nothing wrong with the site (or the mail server).
I sent an angry false positive report. Then I went in to check my settings at OpenDNS again and found that now it's under a separate "Security" category and phishing was enabled (doh!). It's disabled now and seems to have taken effect and it's working. There's nothing wrong with the site (or the mail server).