Analysis of DNS-based filtering solutions
Wednesday, February 20th, 2008

The guys at OpenDNS made an interesting announcement yesterday. They’re building a community-authored directory of web sites to enhance their DNS-based web filtering service. OpenDNS is a free DNS service that anybody can use simply by changing their computer’s DNS settings.
This is how a DNS-based filtering service works. You change your network settings (typically the ones served up dynamically by your DHCP server) to use the DNS servers from OpenDNS. When a user types playboy.com into the address bar, the web browser attempts to find the IP address for playboy.com using DNS. But the OpenDNS servers don’t return the real IP address for playboy.com. Instead they return the IP address of a server that sends the user a block page. Hey presto, the user is blocked. Frankly, it’s brilliant in its simplicity. And the community categorization approach is extra brilliant.
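The resolver-side decision described above, as an added Python example (not OpenDNS code): a categorized name gets the block-page server's address instead of its real record. The directory, policy, record table and all IP addresses are constructed for illustration, and the label-boundary matching of subdomains is an assumption about how such a directory would be applied.

```python
import ipaddress

# All values below are constructed for illustration (documentation-reserved
# address ranges); none of them come from OpenDNS.
BLOCK_PAGE_IP = ipaddress.ip_address("192.0.2.10")  # server that serves the block page
REAL_RECORDS = {                                     # stand-in for real upstream answers
    "playboy.com": "198.51.100.7",
    "www.playboy.com": "198.51.100.7",
    "notplayboy.com": "198.51.100.8",
    "example.org": "203.0.113.5",
}
DIRECTORY = {"playboy.com": "adult"}                 # community-categorized domains
BLOCKED_CATEGORIES = {"adult"}                       # the network owner's policy


def normalize(qname):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return qname.strip().lower().rstrip(".")


def category_of(qname):
    """Match on label boundaries so subdomains inherit the parent's category
    while look-alike names such as notplayboy.com do not."""
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in DIRECTORY:
            return DIRECTORY[candidate]
    return None


def resolve(qname):
    """Return (answer_ip, blocked) as the filtering resolver would."""
    if category_of(qname) in BLOCKED_CATEGORIES:
        return BLOCK_PAGE_IP, True
    real = REAL_RECORDS.get(normalize(qname))
    return (ipaddress.ip_address(real) if real else None), False


if __name__ == "__main__":
    for name in ("playboy.com", "WWW.Playboy.COM.", "notplayboy.com", "example.org"):
        print(name, *resolve(name))
```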
A DNS-based filtering solution is great at snuffing out inadvertent browsing of bad web content. When my five-year-old uses our home computer and starts clicking around on stuff, I’d like to simply prevent him from accidentally viewing nasty sites that might come back in a Google search. A DNS-based approach will absolutely solve this problem.
But my five-year-old is not what I would call a determined attacker.

