Add a blocking category, perhaps a security setting for remote access tools

Comments

4 comments

  • Avatar
    rotblitz

    Many of those do not use DNS so cannot be blocked by a DNS service.

    0
    Comment actions Permalink
  • Avatar
    mattwilson9090

    As rotblitz said, many of these services do not use DNS to make their connections, so there is little that OpenDNS could do about them anyway. The most effective way to prevent unauthorized remote access tools from running is to prevent them from being install in the first place. The first step is usually to not allow users to run their computers with administrator access which will prevent nearly all of those tools from being installed in the first place. After that, it all depends on what tools and security options that IT staff has available to them.

    0
    Comment actions Permalink
  • Avatar
    galfert

    While I'll agree that many remote access services may not use DNS, I still think it worth while to block the main websites of these services to prevent access to the tool. This could help prevent installation of these remote tools if you are blocked from downloading the the software.

    I think it merits reconsideration of creating a Remote Access category.

    There are many social engineering scams where elderly people and less savvy people are being taken advantage of.

    I know of an elderly person where my friend (the son of the elderly person) had the computer set up so that the elderly person was a standard windows user with no administrator access. The scammer was still able to walk the elderly person to some remote access website and the browser plug-in or something allowed remote access to the computer without install any application. I think this could have been prevented if DNS blocking filtered for the likes of these remote access tools.

    I looked in the OpenDNS domain category search and already some of these remote access sites are blocked by the category Software/Technology. But this is too broad a category to use it as a blocking filter as it also blocks office.com which is used to log into ones personal Office 365 account. Also Software/Technology blocks harmless technology news websites. I think the category software/technology tries to cover too much and I'm willing to bet it isn't used much. If you want to block news websites there is already a News/Media category.

    Therefore I conclude that a Remote Access category has merit.

     

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    New categories can be suggested at https://community.opendns.com/domaintagging/categories#suggest

    0
    Comment actions Permalink

Please sign in to leave a comment.