Why/ how does Open DNS use help to reduce or eliminate malware?
I was curious too, the answer seems to be here...http://www.opendns.com/malware-botnet/
.. (my emboldening)
OpenDNS protects you from becoming infected with malware by blocking known malicious domains from resolving at the DNS layer
Once a web site is known
to host malware, I guess the DNS can choose not to resolve it by name. The problem is of course, that word... 'known'
Whereas it tends to be the 'unknown'
malware that does the damage, and it does take some time for any malware, after it is unleashed, to become 'known'
I'm not knocking Open DNS, the same criticism (that 'unknown' threats are hard to detect) applies to most AV products. But I do strongly believe that we must beware malware at all times, regardless of AV precautions. My real worry is that AV and anti-malware software, and the likes of Open DNS's claims, lead us into a false sense of security whereupon we lower our guards. We then become even more vulnerable to the (unknown) threats, compared to the alternative situation where we had no AV software at all, but simply tread very carefully.