OpenDNS - can this really work?
This morning, I was at CISCO office for a security training and I was told about OpenDNS (now acquired by CISCO). This is public DNS servers that allow you to filter bad sources, based on their names.
This sounded a bit strange for me. Why trying to protect people by using DNS? Is that really efficient? I ask this question, because DNS is at level7 (application level in OSI model).
I would prefer an IP reputation based system, instead playing with names (as an IP could be registered as multiple names!). But anyway, that's finally one more protection and I decided to give it a try.