Dynamic DNS updater
I just ran into a problem I hadn't considered before.
I use the OpenDNSUpdater on my laptop so that I know the network address is up-to-date.
Today I went to the local coffeeshop to work for a bit.
If they happened to be using OpenDNS as their DNS provider, or their ISP was, would my Updater cause everyone to start getting filtered to my settings?
And would the devices I left at home suddenly be unprotected if my machine updated to the new IP?
-
Yes, and yes. Do not run an Updater on roaming devices. An Updater must run only within the network it is to be kept updated.
If you have no other option to run an Updater except on this roaming laptop, then uninstall it and use this Updater instead. There you can define in what network (router IP address and/or WLAN SSID) the updates should happen. Other options are built-in DDNS update clients on routers, DVRs, NASes, IP cameras, etc.
-
You're the one who said "Do not run an Updater on roaming devices. An Updater must run only within the network it is to be kept updated."
The prevailing logic among people I work with, we help underprivileged or non-technical people get their home network set up, is to install it on the machine that runs the most often. Today those are laptops. You wouldn't put it on some desktop that sits in the corner and gets used once a week.
This issue never occurred to any of us until I was sitting in Starbucks one day and noticed it was running.
I thought, "Surely not. I'm sure they have that handled somehow." But it is designed to notice when you switch networks. I couldn't think how it would know not to.
With opendns saying that the updater was THE solution, it took some work to convince the group that it was an issue.
So the risk is that if they aren't alerted to the risk, people have too much blind confidence in the updater. -
Well, I said what I said to explain how it only works. I didn't say that it is associated with any risk if it doesn't work. It simply doesn't work then, i.e. the dashboard settings do not take effect, just the OpenDNS default settings may take effect. I do not really take this as risk.
Also, OpenDNS (home versions) is clearly a cloud service for networks you own, not for your devices in other networks. If you want to cover roaming devices, you had to go for Prosumer which works with roaming clients / agent software you need to install on those devices.
Therefore again, installing the official OpenDNS Updater on roaming devices is not a good idea. I pointed out the other options. I for myself use my router's built-in DDNS update client in conjunction with DNS-O-Matic, not to update OpenDNS only, but a bunch of other services too.
"So the risk is that if they aren't alerted to the risk, people have too much blind confidence in the updater."
I still do not understand this as a risk. It just doesn't work as expected then.
Please sign in to leave a comment.
Comments
5 comments