Allow phishing filter to be bypassed

Comments

10 comments

  • Avatar
    rotblitz

    "The only current options appear to be to turn the filter off completely and wait until this takes effect, or submit the site for review and wait much longer."

    This is not true.  Beside flagging the site for review, you can add the domain name to your "never block" list, flush the local resolver cache and the browser cache, and you're done.

    "and wait until this takes effect"

    If you have to wait longer than 3 minutes, you didn't flush your caches.  These can be really persistent.  Therefore you must do this after all dashboard configuration changes to take effect immediately.

    https://support.opendns.com/entries/23281284-Clearing-the-DNS-Cache-on-Computers-and-Servers
    https://support.opendns.com/entries/23739610-Clearing-the-DNS-Cache-on-Browsers

    0
    Comment actions Permalink
  • Avatar
    frandom

    Using the never block list appears to require to have 'Enable typo correction (and NX Domain redirection)' turned on, and still makes it more complicated than necessary for a user to get to a site they know is legitimate.

    0
    Comment actions Permalink
  • Avatar
    frandom

    (the first time at least or if they don't know the opendns login)

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "Using the never block list appears to require to have 'Enable typo correction (and NX Domain redirection)' turned on"

    Only with a free account.  OpenDNS Home VIP doesn't have this restriction.

    "still makes it more complicated than necessary for a user to get to a site they know is legitimate."

    If you want to continue visiting a site being reported as phishing, you'll want to disable phishing protection at OpenDNS, and you'll rely on the browser activated phishing protection which allows to continue visiting such sites, exactly as you want it.

    0
    Comment actions Permalink
  • Avatar
    frandom

    I have turned it off, but to keep it off I would have to run the OpenDNS IP updater software as like most people I have a dynamic IP.  If the phishing filter is left on by default, then it should have a way to bypass it without having to know anything about OpenDNS, or at the very least sites that are submitted for review should be looked at much quicker.  The site I submitted for review 5 days ago is still blocked when the filter is on.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "I would have to run the OpenDNS IP updater software as like most people I have a dynamic IP."

    You have to have anyway.  This is the concept.  Else you risk to use somebody else's settings or the defaults.  If you don't want it this way, then OpenDNS is not the way to go, and you'll be using a different "simple" DNS service which doesn't come with any additional whistles and bells.

    0
    Comment actions Permalink
  • Avatar
    frandom

    I'm sure a large amount of OpenDNS users don't use the updater, it isn't even mentioned in the basic setup instructions, and isn't that easy to find the download for.  OpenDNS publishes their IPs on the home page without any mention of needing to sign up and use the updater, so they have to expect many people will be using the default settings.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "I'm sure a large amount of OpenDNS users don't use the updater"

    This may be the case, but it is wrong.

    "it isn't even mentioned in the basic setup instructions, and isn't that easy to find the download for."

    This is not true.  After having configured the OpenDNS resolver addresses and having tested it, you're directed to your dashboard to add a network and to configure it.  On the same page there are several advices to use an Updater with a dynamic IP address:
    https://dashboard.opendns.com/settings/

    "OpenDNS publishes their IPs on the home page without any mention of needing to sign up and use the updater, so they have to expect many people will be using the default settings."

    As said, this is not true.  And you can use the default settings, but this bears the risk to use someone else's settings if your current IP address is registered with another user's OpenDNS network by chance.

    0
    Comment actions Permalink
  • Avatar
    frandom

    The feature request would still be of use even if everyone signed up and used the updater, which isn't going to happen unless OpenDNS forced it.  Not everyone is going to have access to the OpenDNS account settings.  The person who does have the login is not always going to be available to help get them access.  Having to turn off the filter completely instead of allowing those users to bypass it manually means you completely lose the extra layer of security it was supposed to provide.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    After all I've given your idea my vote.

    0
    Comment actions Permalink

Please sign in to leave a comment.