Speed and security for your internet connection: Basic steps for home, small business and enterprise
There is nothing worse than sitting down at the computer and
trying to access a web site only to wait and wait and wait
and then see an error that the page cannot load. Have you
ever had this happen? Sure you have. How about this, you try
to load a page at work or at home and it fails, but it loads
at the other location. Show of hands, ever happened to you?
Yes, me too. Given a level playing field, how can this
happen? In many cases the answer to that question is very
simple: Your system does not know how to find the web page.
How can that be? The Internet is the Internet, right? Not
exactly! Let me explain.
Why won't my page load?
So you type in a web site. It may even be a very popular
destination, for example
http://www.google.com and you get the ever popular 404
error, page not found. You try it at another location and
sure enough, it loads. Why? When you type in a link in your
browser or click a favorite, the URL line is filled in with
text, as in the example of
http://www.google.com. While that is a discernible name,
it does not tell your browser how to get to the page. How is
that accomplished? In simplest terms, the name you placed in
the address bar of your browser is passed to a lookup engine,
which returns the location of the server as a unique IP
address. The Domain Name System, or DNS, is how that
transformation takes place.
Before there was DNS
OK, here is the history part of the article. How far back
does using a name rather than a number go with the Web? The
use of a humanly readable name for a network location
predates even TCP/IP and dates back to the ARPANET. What was
ARPANET? ARPANET (Advanced Research Projects Agency Network)
was created by the Defense Advanced Research Projects Agency
(DARPA) of the United States Department of Defense during the
Cold War. It was the world's first operational packet switching
network, a network that could slice data in smaller packets
so they can be easily transferred from one computer to
another. It was the predecessor of the Internet. Back then,
a local host file was used to point to a machine name and
the associated network number. This is still effective for
private networks where registering servers or Intranet sites
with a public IP number is not desirable. The DNS was
invented in 1983 by Paul Mockapetris, shortly after TCP/IP
was deployed. The subsequent growth of networking required a
more scalable system that recorded a change in a host's
address in one place only and did not require updates on
every machine every time an IP address changed. This allowed
hosts to learn dynamically about the changes to a
machine's address.
How does DNS work?
Domain Name System is a listing of all the web sites,
servers, etc. that are registered in the public space and
the IP address that corresponds to that name. Think of it as
the phone book for the Internet. DNS truly is like the
Internet's Phone Book, even though lots of people now use
the Internet to look up phone numbers too, but the principle
is the same. Just as you use a phone book to look up a phone
number using a person's or business' name, you look up the
web server IP address using the Domain Name. It is DNS that
keeps the Internet usable. When you type in that site name,
DNS looks up the associated IP address. If DNS did not exist
you would be going to websites by typing in the IP address.
Now honestly, would you rather type
http://www.google.com or
http://208.69.36.230? Me
too!
Are all DNS the same?
No.
Most ISPs from Tier 1 on down have a DNS server number they
give to their customers. The DNS root server locations are
shown in the map at the right. These root servers contain
the master copy of the DNS tables for all sites registered
with a public IP address. In turn, the DNS server your ISP
uses may only have a partial list of the worldwide DNS
tables, the most popular sites for example, and if you
request a URL that is not in their list, their server must
make a request from one of the root level DNS servers. The
result is latency, or a delay as your web page waits and
waits and waits to load. The other thing that can happen
(and has) is that these DNS servers can be compromised or
hijacked so they redirect web requests to a different site.
Just search on Hijack DNS in Google and see what I mean.
There are hundreds of entries. This could just send you to a
web site other than the one you wanted or return the 404
error. They could also redirect you to a site that is
infected with Virus / Worm or Malware code or is there to
capture information from your machine, as in a site that
masquerades as a retail web site.
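One way to check for the redirection described above is to ask your own DNS server and a second one the same question and compare the answers. The following Python is an added example, not part of the original article; the function names, the sample packet and the 192.0.2.x / 198.51.100.x addresses are constructed for illustration, and the resolver addresses passed to `lookup` are whatever servers you choose.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Encode a DNS question asking for the A (IPv4) record of `name`."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def skip_name(msg, pos):
    """Return the offset just past an encoded name (labels or pointer)."""
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)  # 2-byte compression pointer, or the 0 terminator

def parse_a_records(msg, txid=0x1234):
    """Return (rcode, sorted IPv4 addresses) from a raw DNS response."""
    rid, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    pos, addrs = 12, []
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4  # name, then QTYPE + QCLASS
    for _ in range(an):
        pos = skip_name(msg, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[pos:pos + 10])
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[pos + 10:pos + 14]))
        pos += 10 + rdlen
    return flags & 0x000F, sorted(addrs)

def lookup(name, resolver_ip, timeout=3.0):
    """Send the query to one resolver over UDP port 53 (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver_ip, 53))
        return parse_a_records(s.recvfrom(512)[0])

def compare(local, reference):
    """Compare (rcode, addrs) from your resolver with a second resolver's answer."""
    if local[1] and reference[0] == 3:  # rcode 3 = NXDOMAIN, name does not exist
        return "nxdomain-rewritten"
    if local[1] and reference[1] and not set(local[1]) & set(reference[1]):
        return "no-overlap"
    return "consistent"

# Constructed sample: a response for www.example.com -> 192.0.2.10 (documentation range)
SAMPLE = (struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + build_query("www.example.com")[12:]
          + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + socket.inet_aton("192.0.2.10"))
```

Content delivery networks legitimately hand different addresses to different resolvers, and a filtering service returns its own block-page address on purpose, so treat a mismatch as a lead to check rather than proof of hijacking.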
Web redirection can be good. Really?
Yes. In the case of Enterprise solutions that filter web
content for malicious code, these devices redirect users to
an internal page. This process allows the IT Department to
stay ahead of infections that are web-borne and to track
these issues too, keeping them safe. The next logical
extension of such devices is to create policies that do not
allow access to particular categories of web sites. It is
likely that pornographic web sites, those for online
gambling, illicit drugs, weapons etc. probably do not have a
place in your organization and are likely against your
company policies. To that end, web redirection can actually
hold or redirect requests to these web sites so the end user
and your company are not subject to the liability of having
those web sites viewed on your equipment or your enterprise.
Assuming you have a suitable DNS server configuration at
your business, you may well want to find out about a web
appliance that carries out the above functions. I will
discuss just that in next month's column. If not, you too
can use OpenDNS and then add to it with the web filtering
appliance.
What if my DNS does have problems?
If the DNS server(s) you use have issues, you can change
them, but to what? For home users and even small companies
under ten users, a very good solution is available. It is
fast, provides some very good tools and is FREE. Yes, free.
It is called OpenDNS. OpenDNS touts itself as the
leading provider of free security and infrastructure
services that make the Internet safer through integrated Web
content filtering, anti-phishing and DNS. Pretty impressive
stuff for free. They provide step-by-step instructions that
even the most timid user can follow for setting the DNS
option on their machine. If you have a broadband router at
home, they can help you there too! You click on the device
you have and follow the detailed instructions. It is just
that simple. OpenDNS runs some of the largest DNS caches on
the Internet and they do it on their own network running
their own software. Because they can hold tens of millions
of records and zones in local cache, your address look-up is
faster. There is no middleman!
OpenDNS does web filtering too
In addition to speeding up your DNS by accessing their
servers, OpenDNS does web filtering too. You can select from
the following categories:
| Adult Themes | Government | Pornography |
| Adware | Hate/Discrimination | Portals |
| Alcohol | Health | Proxy/Anonymizer |
| Auctions | Humor | Radio |
| Automotive | Instant messaging | Religious |
| Blogs | Jobs/Employment | Research/Reference |
| Business Services | Lingerie/Bikini | Search engines |
| Chat | Movies | Sexuality |
| Classifieds | Music | Social networking |
| Dating | News/Media | Software/Technology |
| Drugs | Non-profits | Sports |
| Ecommerce/Shopping | Nudity | Tasteless |
| Educational Institutions | P2P/File sharing | Television |
| File storage | Parked Domains | Travel |
| Financial institutions | Phishing | Video sharing |
| Forums/Message boards | Photo sharing | Visual search engines |
| Gambling | Podcasts | Weapons |
| Games | Politics | Webmail |
In addition, you can set a White List option to bypass the
rules you have chosen or Black List options to block access
to specific sites. While not as full-featured as some
Enterprise solutions, OpenDNS brings so much to the table,
it is a definite must for home users, as necessary as
Anti-Virus, Firewall and Anti-Spyware/Anti-Malware software.
With OpenDNS you do not need to worry about downloading or
installing software. With no new software, trying OpenDNS is
a no-risk opportunity to improve your network experience
while allowing you to block sites that you do not want your
kids opening by accident (anyone remember http://www.whitehouse.com
which was a porn site?) and being able to block known
Phishing sites too.
Where Can I Find Out More?
For OpenDNS, visit
http://www.opendns.com or for those of you with a DNS
server that does not allow access or if you just like typing
numbers,
http://208.67.219.101. For a look at what you can
do at an enterprise level with web and content filtering
beyond what you can do with OpenDNS, check back here next
month. As with any changes to your machine, if your business
has an IT department, check with them first before making
any changes. If you have questions or comments about this
article, contact me (JohnBoline@hagerman.com).
All product names / logos, company names / logos are
copyrights of their respective holders. John Boline is an
MCSE, CNE, USE, a member of the Network Professional
Association and the Microsoft Partner Research Panel. The
content herein is often based on late-breaking events. Much
of the material is based on information from sources that
are believed to be reliable. Hagerman & Company, Inc.
disclaims all warranties as to the ultimate accuracy or
completeness of the information. Hagerman & Company, Inc.
and its employees shall have no liability for errors,
omissions or inadequacies in the information contained
within this article or for any interpretations thereof. The
recommendations, positions and best practice policies
outlined herein represent Hagerman & Company, Inc.'s initial
analysis and therefore are subject to change as further
information which may have bearing on these positions is
made available. The reader assumes sole responsibility for
the selection of these materials to achieve its intended
results. The opinions expressed herein are subject to change
without notice. Hagerman & Company, Inc. assumes no
obligation to update the forward-looking statements made in
this newsletter to reflect any change in circumstances,
after the date of publication. Entire contents 2009
Hagerman & Company, Inc. All rights reserved. Reproduction
of this publication in any form without prior written
permission is forbidden.