I am having problem with bypassers. They bypass the OpenDNS filter by just changing the DNS number in their devices. Then they can easily access blocked sites.
Is there a way to prevent them changing it without touching his device? Because even if I remove administrator privileges, it won't make difference because they are good at IT.
I have sent to OpenDNS this question and they replied:
"If you have a router that supports traffic forwarding, configure the DNS settings of the network router to use OpenDNS and then configure the router to forward all DNS traffic to it's own internal network IP address. Not many routers support this, but some do."
No idea what this means.
By the way, I've got a good router -- it's Netgear dgnd3300v2
Please, guys, help!
Another potential solution is to block all outgoing traffic from port 53 (DNS-Reserved port) and only allow incoming traffic from that port on Your router via Firewall settings. This way even if a client changes its DNS IPs manually, DNS queries sent to the newly-configured remote servers will be blocked. Therefore, the only possible way for the client to use DNS and be able to navigate to websites again is to fall back to the settings forwarded by the DHCP server (default to OpenDNS in your case).
answered Jul 28 '12 at 21:34
You may be able to achieve the same result with port forwarding and save the cash you spend on OpenDNS. You may also be able to forward the addresses they are using. Newer routers are very configurable. I have a $30 one and it has a wide variety of rules to apply.
answered Jul 28 '12 at 06:27
You should be able to deny access to the ability to change these settings with group policy in Windows (you don't detail your OS).
answered Jul 28 '12 at 09:49