LEO: Steverino, are you ready? The Savvy Observation of the Week. [Tim] Knittel of Lexington, Kentucky says: Hi, Steve. In Episode 156 a listener asked if he could bypass DNS by directly entering the IP address of the websites he wants to visit. This approach won’t protect him from the DNS spoofing vulnerability, however, for a number of reasons. Really. Well, that’s interesting. First, not all websites use relative links to navigate among the pages. So you could enter in 192.168.1.1, but when you click the link it’s going to come back to you as example.com/mylink, not 192.168.1.1/mylink. A good point. In fact, my site does that. You could come in via an IP address, but we’re going to rewrite the address for subsequent pages to be TWiT.tv. Second, all external links on the page will not be IP based. That includes subdomain links. So continuing the example above, a link might be coolstuff.example.com, even if you enter an IP address. You click that link, bye bye. Third, only the web pages that his browser loads are user-controllable in this fashion. All his other applications will use domain names - email, newsgroups, RSS readers, podcast catchers, Windows Update, et cetera, et cetera, et cetera. Nothing you can do to stop those programs from using DNS lookup because they do it automatically, transparently, without your knowledge or intent. In fact, this includes the browser itself if the browser is configured to automatically check for updates. Oh, of course, didn’t even think of that. His point is DNS is just too integral a part of computing now to be successfully on the 'Net without it. So you’re not doing yourself any good by entering in IP addresses. We should have mentioned that, actually.