OpenDNS Public DNS Usage Detection

Info Nessus Network Monitor Plugin ID 9365

Synopsis

The remote host is utilizing OpenDNS's public DNS service.

Description

The remote host was observed making DNS queries to one or more OpenDNS public DNS servers. Utilizing OpenDNS's public DNS service may allow users to bypass web filtering or circumvent other security measures. Malicious actors may also use these servers in an attempt to discretely reach out to internet resources while remaining undetected.

OpenDNS Public DNS Addresses :
- 208.67.220.220
- 208.67.222.222

Solution

Ensure this DNS configuration is sanctioned by policy and guidelines regarding acceptable network usage.

See Also

https://use.opendns.com

Plugin Details

Severity: Info

ID: 9365

Family: Policy

Published: 2016/06/23

Modified: 2016/06/23

Dependencies: 9363, 9364

Risk Information

Risk Factor: Info