Using OpenDNS for Parental Control

See: https://www.opendns.com/home-internet-security/

OpenDNS Family Shield

  • Pre-configured DNS servers to block adult related sites
  • No need to sign up and configure

DNS Servers

208.67.222.123
208.67.220.123

OpenDNS Home

  • Sign up and configure what to block

See:

DNS Servers

208.67.222.222
208.67.220.220

Enforce to use only OpenDNS servers

On each computer

  • Set the computers (laptops, desktops, mobile devices etc.) to use openDNS servers
  • Restrict access to changing DNS server in computers (Remove administrator access/role from the child account)

On the router (network edge)

  • Set the router DNS servers to OpenDNS servers
  • Add firewall rule to block all traffic to port 53 and only allow traffic to port 53 of OpenDNS servers

Example firewall rules using OpenDNS Home Servers:

BLOCK TCP/UDP IN/OUT all IP addresses on Port 53
ALLOW TCP/UDP IN/OUT to 208.67.222.222 or 208.67.220.220 on Port 53

Block a specific DNS Server with “Static Routing”

Example to block Google DNS server 8.8.8.8 by adding a static routing rule

  • Use an ip address other that actual router ip address as gateway.
    • E.g. if router ip address is 192.168.0.1, use 192.168.0.2
Destination Network: 8.8.8.8	
Subnet Mask: 255.255.255.255	
Gateway: 192.168.0.2

Leave a Comment

Your email address will not be published. Required fields are marked *