An easy way to circumvent OPENDNS

Follow
Avatar
colinsw

There is an easy way to get around opendns that I need to block. 

I've set opendns on the router and it all works fine, but 8888 4444 in the machine's dns allows the user to circumvent opendns. It's really easy to find a tutorial on this as well (http://www.wikihow.com/Bypass-OpenDNS-Internet-Security

I work in a school and we lock the machines down using windows group policies - but lots of the kids bring their own machines - which I can't lock down. 

Any thoughts on what I can do about this would be REALLY appreciated.

 

1

Comments

4 comments

Sort by Date Votes
  • Avatar
    cindelicato

    You can create a rule on the school firewall to restrict PORT 53 that would enable only OpenDNS.

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Or better: configure your DHCP server to give out only your internal DNS server's IP address(es) (which has OpenDNS as forwarding configured), and block port 53 passthrough outbound as cindelicato said.

    0
    Comment actions Permalink
  • Avatar
    pneumoman

    Many thanks for this. Now I realise how my sons school laptop has been bypassing our OpenDNS proxy.

    0
    Comment actions Permalink
  • Avatar
    Kristy Patullo

    We also have a support article detailing how to use firewall rules to prevent the circumvention of OpenDNS: https://support.opendns.com/entries/26374985-Preventing-circumvention-of-OpenDNS-with-firewall-rules

    Additionally, if you make yourself the administrator of devices on your network other users won't be able to change the DNS settings of these devices to bypass OpenDNS.

    0
    Comment actions Permalink

Post is closed for comments.

Didn't find what you were looking for?

New post