OpenDNS is adding a Singapore Datacenter

Good news for those of us in Asia using OpenDNS!

In their October 2010 newsletter, OpenDNS announced that later this year they will adding a new datacenter in Singapore to better serve OpenDNS customers in the Pacific Rim.

Since OpenDNS is anycasted, the new datacenter means faster DNS resolution and an overall faster Internet for OpenDNS users in Asia. If this is where you live, no changes on your end are needed to get the faster DNS resolution — your DNS requests will automatically begin routing through the new servers.

Existing and planned OpenDNS server locations are shown in the OpenDNS network map located here.

Remove advertisments from Untangle Web Filter

If you are running Untangle’s free “Lite” package,  you may have noticed that advertisements are now shown in the bottom of block pages generated by the Web filter.

Untangle announced that they had put this in place in order to generate revenue to support development of the Untangle platform. Whilst I understand their need to support development, some of the ad’s that show up are of a questionable nature. If Untangle has to show advertisements within its block pages in order to support its back end infrastructure then I fear they may not be around much longer, as a company. I’d suggest Untangle look for sponsors to provide update and download hosting for the open source / Lite applications and only host their commercial applications themselves.

Solutions:

1. Purchase an application from Untangle, for example the Branding Manager which costs $108.00 per year. This will automatically remove ad’s in the Web Filter application and also lets you brand the interface with your own logo etc. This is my recommended method.

2. If your running a test UTM or a small installation at home, you can forcefully remove the advertisements as follows:

a. SSH into your Untangle box.
b. Make a backup copy of the blockpage:

$ cp /usr/share/untangle/web/blockpage/blockpage_template.jspx /usr/share/untangle/web/blockpage/blockpage_template.jspx~

c. Open the block page template: Continue reading “Remove advertisments from Untangle Web Filter”

Windows Server 2008 DNS Block Feature

Windows Server 2008 (2008 R2) introduces a DNS block feature that may affect the ISA Server automatic discovery mechanism when implementing WPAD using a Windows Server 2008 DNS Server.

The block feature provides a global query block list to reduce vulnerability associated with dynamic DNS updates. Dynamic update makes it possible for DNS client computers to register and dynamically update their resource records with a DNS server whenever a client changes its network address or host name.  This reduces the need for manual administration of zone records, especially for clients that frequently move or change locations and use DHCP to obtain an IP address. This convenience comes at a cost, however, because an authorized client can register any unused host name, even a host name that might have special significance for certain applications. This can allow a malicious user to “hijack” a special name and divert certain types of network traffic to that user’s computer. WPAD is a commonly deployed protocol vulnerable to this type of hijacking, and by default WPAD look up is disabled by the blocking mechanism.

If you want to use WPAD with a Windows Server 2008 DNS, note the following behavior:

– If WPAD entries are configured in DNS before the DNS server is upgraded to Windows Server 2008, no action is required. Continue reading “Windows Server 2008 DNS Block Feature”

Google Chrome OS – do we want another monoculture?

Google Chocolate Factory ?! wtf
Google Chocolate Factory

Yes, Google has open-sourced Chrome OS, its much discussed browser based operating system. But as usual, the open sourcing only says so much about its openness. Wait, no – its only open ‘on the hole’. After all, this isn’t something you can load on any PC. And it’s not much of an operating system. You can’t load local applications – not even one.

As part of its crusade to move more and more of our lives onto the web – and onto its own web services in particular  – Google has shunned the desktop entirely. And in doing so, it has shown a certain Apple-like quality: Like the Jobsian cult, Google is intent on tightly coupling hardware and software. The company – dare we say – is closing the market to certain hardware. Gasp.

But the ultimate irony is that after years of criticizing Microsoft for bundling its OS with its browser, Google has nearly made them one and the same. Yes, you can run third-party applications – but only web applications, online services of the sort offered most notably by, well, Google. And you certainly can’t use a third party browser.

More here.