This is a cache of https://tech.slashdot.org/story/15/06/30/1459202/cisco-to-acquire-opendns. It is a snapshot of the page at 2020-07-08T04:47:08.951+0000.
<strong>cisco</strong> To Acquire OpenDNS - Slashdot

Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Businesses Networking The Internet

cisco To Acquire OpenDNS 147

New submitter Tokolosh writes: Both cisco and OpenDNS announced today that the former is to acquire the latter. From the cisco announcement: "To build on cisco's advanced threat protection capabilities, we plan to continue to innovate a cloud delivered Security platform integrating OpenDNS' key capabilities to accelerate that work. Over time, we will look to unite our cloud-delivered solutions, enhancing cisco's advanced threat protection capabilities across the full attack continuum—before, during and after an attack." With cisco well-embedded with the US security apparatus (NSA, CIA, FBI, etc.) is it time to seek out alternatives to OpenDNS?
This discussion has been archived. No new comments can be posted.

cisco To Acquire OpenDNS

Comments Filter:
  • Oh, wait, what's the opposite of good? Bad? Yeah, bad, this is bad.
  • by nimbius ( 983462 ) on Tuesday June 30, 2015 @11:49AM (#50019253) Homepage
    outside of a very sophmoric attempt at content filtering, im not sure this service did much? (aside from molest dyndns' API for a user fee.) They basically poison NXDOMAIN for profit...under the auspices of attack prevention and puritanical righteousness.
    • by cfalcon ( 779563 )

      What's a superior DNS, in your opinion?

      • by drinkypoo ( 153816 ) <martin.espinoza@gmail.com> on Tuesday June 30, 2015 @12:06PM (#50019367) Homepage Journal

        Google, of course. Any DNS sizable enough to trust is likely to be a tool of the state, but at least Google is competent.

      • What's a superior DNS, in your opinion?

        Point your Berkeley Internet Name Domain server at the root nameservers.

        All the services that provide intermediaries to the real DNS are in the business of directing your traffic for their profit. If you are happy being a clueless end-user, the best you can do is 8.8.8.8 (Google) since they are at least built to a reasonable scale.

        But it's still not really DNS... it's asking somebody else to do your DNS for you. Which is OK for non-geek end users.

        • Distributed, hierarchical servers are the way DNS was designed and intended, so it actually is DNS. Trusting the hierarchy is another matter altogether.
          So your point still stands. Do it yourself; it's educational and fun.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      outside of a very sophmoric attempt at content filtering, im not sure this service did much? (aside from molest dyndns' API for a user fee.) They basically poison NXDOMAIN for profit...under the auspices of attack prevention and puritanical righteousness.

      The primary reason I use OpenDNS is for DnsCrypt, not for any filtering they provided.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        What's the value you get out of DNSCrypt to OpenDNS? Instead of your ISP seeing your DNS traffic and requests, OpenDNS (and now cisco) gets to see your DNS traffic and requests.

        Am I missing something?

        • by Whiteox ( 919863 )

          Yeah. If your ISP's DNS server is in a country that is monitoring requests, then:
          A: Your ISP can see what you are viewing
          B: They would be bound by law to hand over the logs.
          By going out of the geopolitical boundary (that's if you can) for DNS, then it's 1 chink in your armour.

    • by MatthiasF ( 1853064 ) on Tuesday June 30, 2015 @11:55AM (#50019291)
      Malware domain filtering as well, don't forget that.

      The best defense against virus and malware is blocking them before your computer can even connect to download.
      • Hit the nail on the head with this one. This is the bit where the cisco "better together" argument actually makes sense. It's also the part of the puzzle many of cisco's biggest customers (ISPs, Fortune 500, Governments) really care about - Slashdotterss may be able to keep their ten-node home networks clean easily but these guys really struggle to keep their 10,000 node networks clean.

        It's not just Malware - it's Spam, Phishing, Spyware, Botnet C&C traffic - basically anything bad on the net. The amoun

    • by corychristison ( 951993 ) on Tuesday June 30, 2015 @12:19PM (#50019439)

      I've always used Level3, personally. Its anycast based, like Google's service.

      Just pick 2 or more of the following:
      4.2.2.1
      4.2.2.2
      4.2.2.3
      4.2.2.4
      4.2.2.5
      4.2.2.6

      It is even somehow faster than my ISP in terms of response time.

      • by Anonymous Coward

        It is even somehow faster than my ISP in terms of response time.

        Well, sure, it's quicker to just access the NSA DNS servers directly, without your ISP as a middleman.

      • by afidel ( 530433 ) on Tuesday June 30, 2015 @01:16PM (#50019775)

        L3 has introduced random delays in their resolvers for anyone off-network so if you want decent performance you'll use just about anything but those. Google had some performance issues when they first introduced their anycast clusters but today they're as fast as anything I've tried.

        • Re: (Score:3, Interesting)

          by Anonymous Coward

          L3 has introduced random delays in their resolvers for anyone off-network

          source on this?

      • by Anonymous Coward

        Keep in mind that if you're not a Level3 customer, you are in effect using someone else's DNS, which you aren't even contributing to supporting. It's the ultimate freeloader stance, which is akin to being something of a sponge.

        Level3 has never purported to be the DNS for the world. Use a root server or Google's DNS, as the root servers are for public use and at least Google welcomes public use. Level3 has made no statement indicating it welcomes the entire internet using their DNS servers.

        Also, all those

        • If they didn't want off-network users to use it, they would firewall it to just their subnets. I get they have a very large network that is ever expanding, and it may just be easier to not lock it to their subnets, but seriously it's not that hard.

          I don't use my ISPs DNS because they resolve non-existent zones to some bullshit landing page in which they try to "help" users find what they were looking for, effectively breaking DNS in my opinion.

          I don't use Google's because it sucked the last time I used it (

      • by antdude ( 79039 )

        Do they have filters like OpenDNS?

    • by afidel ( 530433 )

      You know you could signup for a free account and turn off NXDOMAIN redirects, right? Of course it's a moot point since they turned it off globally years ago.

  • Is this the inverse of that headline rule thingy?

  • by __aaclcg7560 ( 824291 ) on Tuesday June 30, 2015 @12:06PM (#50019365)
    The same cisco that has default SSH keys [slashdot.org] on their security devices that allow hackers to run wild?
  • I see people are repeating this, hoping to make it believed. Not that I love cisco either (or Oracle or SAP or... you get my drift) but that just isn't fair.

    Is it that you can't believe that the NSA would get in without insider help? There have been at least a half dozen brands, many non-USA, that they are said to have gotten into. Surely a Chinese vendor wouldn't cooperate with the NSA. Unless you want to believe Huawei is well-embedded with the NSA (ha, ha, seriously...) it is wrong to make these assumpti

  • by koan ( 80826 )

    Who here trust cisco?

    • Re:And... (Score:5, Interesting)

      by Capt James McCarthy ( 860294 ) on Tuesday June 30, 2015 @01:35PM (#50019895) Journal

      Who here trust cisco?

      Your bank.

      • by SeaFox ( 739806 )

        Who here trust cisco?

        Your bank.

        You bank also trusts Microsoft, so let's consider that for a moment...

        • The majority of banks also trust Diebold (who have ridiculously insecure default settings on their ATM terminals, the manuals of which are available online, and yes, criminals have exploited this), so take that into consideration.

    • I trust Crisco all-vegetable shortening to get well-done, crunchy french fries.

      Oh wait, cisco? Not me.

    • by dissy ( 172727 )

      Who here trust cisco?

      That depends which definition of trust you mean.

      Do I trust them to respond in a certain way under a given set of circumstances?
      Yes, I believe I can predict exactly how they will abuse and eventually clusterfuck OpenDNS, and I predict it will not be pretty.

      But do I trust them to have my best interests at heart?
      Hell no.

  • by Wokan ( 14062 ) on Tuesday June 30, 2015 @01:41PM (#50019955) Journal

    It could have been Oracle buying it. I have yet to see them acquire anything and not turn it to shit.

The IBM purchase of ROLM gives new meaning to the term "twisted pair". -- Howard Anderson, "Yankee Group"

Working...