Pinterest Stumbleupon Whatsapp
Ads by Google

I needed a quick easy solution for a small network I was managing. The owner was concerned about some of the employees browsing habits. He said there were issues with online gambling and pornography! GASP! Imagine that? People doing bad things on the internet….that almost never happens….right?

Wrong.

When you have a large environment, you can set up proxy servers, websense servers, throw a barracuda or virtual machine behind your router and call it a day. But for small networks (or anyone looking to save money!) this will work great. Let me give you some quick background on how DNS works.

DNS stands for the Domain Name System and according to Wikipedia it is a hierarchical naming system for computers, services, or any resource participating in the internet. It associates various information with domain names assigned to such participants. Most importantly, it translates humanly meaningful domain names to the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices world-wide. An often used analogy to explain the Domain Name System is that it serves as the “phone book” for the internet by translating human-friendly computer hostnames into IP addresses. For example, www.example.com translates to 208.77.188.166.

In layman’s terms it prevents me and you from having to remember those long numbers and allow us to just type in a domain name. Now every time you type in a domain name like makeuseof.com it gets resolved to an IP address by using a DNS server. OpenDNS uses this method to help secure your network (can be your home network too) and stop those kids from gambling and watching porn. (Sorry guys!)

OpenDNS is a totally free service that lets you use their DNS servers. You set up your network on their site, point your machines to use OpenDNS servers instead of your own. You can also forward your DNS servers requests to OpenDNS for a little more control. I was shocked at how simple it was and then shocked by the sites that were being blocked! Wow some kids today are sick puppies!

Ads by Google

Sounds good? Want to get down? It’s easy, check it out…

Go to their website and click on “Use OpenDNS”.

Then select how you want to use OpenDNS. You can select a single machine, a router based network or, like I said before, you can modify your DNS server to forward requests to them.

Select which way you want to go and you’re off….

If you choose the Router option, you will see a bunch of models to click on. They will give you specialized instructions for these routers. But most of the time these generic instructions will work as well:

1. Open the preferences for your router.

Often, the preferences are set in your web browser, via a URL with numbers (example: http://192.168.0.1). You may need a password.

If you’re like us, and you set the router password long ago and cannot remember it now, you can often reset the password to the manufacturer default by pressing a button on the router itself.

Or preferences may be set via a specific application for your router, which you installed on your computer when you added the router.

2. Find the DNS server settings.

Scan for the letters DNS next to a field which allows two or three sets of numbers, each broken into four groups of one to three numbers. It might look like this:

3. Put in the OpenDNS server addresses as your DNS server settings and save/apply.

Please write down your current settings before entering the OpenDNS addresses, just in case.

    208.67.222.222
    208.67.220.220

You need to make these changes to your computer or network before you can continue. If you have done this correctly you will see the “Welcome to OpenDNS” banner below Step 2 as you can see below:

Then you need to sign up for an account to get the most use out of OpenDNS. (You can use it without a login but you will not get any of the awesome stats or blocking controls).

The final step is to configure your Network and Settings. This is all done from your dashboard. You need to add your network to your account and then set up what you want to filter – if anything, setup stats and other features. I choose to block spyware and a few of their categories – and it works great!

It is also a smart DNS server meaning it can translate www.google.cm into www.google.com. There are options for turning this on/off as well.

What are you waiting for? Go on… Get! Go protect your network and be the best network admin you can be!

Do you use Open DNS? Something similar to protect your network? Let us know in the comments kiddies :)

  1. Speed up Windows
    October 31, 2008 at 11:08 am

    Is OpenDNS anything like ODS.org?

  2. TheOzz
    October 30, 2008 at 7:09 am

    David,
    I don't think you have a true grasp of what people are capable of. I once had a HR manager who used IPs to visit porn sites from his company issued laptop. And kids are way more creative on the Internet than most adults can begin to comprehend.

    I spent many years as a sysadmin and you don't always have the freedom to just lock down desktop functionality due to organization leadership wishes. Sometimes on a strapped budget you have to start logging traffic and knocking down the bad site by IP with ACLs or filters. most companies want to do this (in the US). I had a different set of rules to follow in Quebec. By the way, a Linux based router/firewall built on an old PC chassis with two NICs is the best low cost solution for traffic control on a tight budget, even at home.

  3. shoeyhobit
    October 30, 2008 at 12:35 am

    I also use the iBoss. No loss of speed. In fact, the iboss seems to be the best parental control out there. I have a mac, linux and windows machine on my network. Its so simple to install and have not seen my kids get passed it. Filters chat, torrents, proxies, with no problem. Paid about $79 for the hardware and $50/year but thats what it would cost to convert hardware to openDNS anyhow. No speed loss here either. Its really one of the best. I went from my netopia which I liked but they discontinued it to the iBoss. Glad I did. No question the best I have seen yet. I can set different filtering rules on the same computer so my 6 year old and my teenager can surf on the same computer yet with different rules. Also, I can cut off internet on Sun. for the sabbath but allow my Tivo to run. Things like that are just worth the money for piece of mind and simplicity. Hey in life, you get what you pay for :)

  4. TRBC
    October 29, 2008 at 7:00 pm

    I agree with TheOzz, teens do navigate by IP. I have personally seen it. If I am a teen, and need to get to myspace, I most defiantely will figure out the IP and keep it on a list. Its not that they navigate, just keep a list of the common sites they visit and blocked. Most teens visit the same sites all the time, myspace, facebook, porn. They know the IP to get around OpenDNS. Just type it in. Not difficult at all. What about applications, what do we do with those. Also, what about proxies? What about proxy sites that do the work for you allowing you to enter the website you need to get to? No need to worry about IP. They handle it for you. Its ignorant to think that teens and kids will not sit there to figure out how to bypass any filter. They will spend day night and speak to friends to do this. I googled bypass OpenDNS and here you go:

    http://saritem.wordpress.com/2008/04/10/how-to-bypass-opendns/

    this is the tip of the iceberg. I found that while I can sit there and spend time setting up the OpenDNS and buying the WRT which is about 50-80 dollars. Just easier to by netnanny or something similar and have them do the work. About $39/yr but they have tech support. Also, K9 is free so thats just even simpler.

  5. The Windows Fix
    October 29, 2008 at 5:33 pm

    OpenDNS is one of coolest projects I've seen in quite a while. Really puts a hit on content filterting software.

  6. doorknob60
    October 29, 2008 at 4:43 pm

    Woulda liked to hear about this like 6 months ago...my parents bought this crappy iBoss router and I suffered with reduced internet speed and reliability for a while, then I found OpenDNS about a month ago, and it works great :)

    • scotty1
      October 29, 2008 at 6:44 pm

      gotta say, we are using the iBoss and it is a awesome device. I converted to openDNS for a while until I found out that it was SUPER easy to bypass. OpenDNS can not filter proxies, AOL trident chat, torrents, etc. It is good for a basic filter for a child below 8 years old but when you get older kids or teens, forget about it. Go to http://www.proxify.com and have at it. By pass OpenDNS all day and all night. It cant do anything. You can add proxify.com to the list but good luck since they add direct IP address all the time for example 66.98.179.210. So you are playing cat and mouse. The iBoss was fantastic. Filtering the web is not about just some websites but the more robust. Also, my first concerns were with speed slowdown. I tested the iBoss and got over 20 Megs out of it. Thats not slow in my eyes. It is not a proxy and uses my own bandwidth. Hey doorknob60, you mention your parents bought the iBoss, why would you be so happy the got the OpenDNS? Was it easier to bypass:). I do think openDNS is good but not robust enough. Has anyone tried to see how many leaks are open.

      • doorknob60
        December 14, 2009 at 3:49 pm

        THis post is a year old, don't care thouygh, wanna defend myself. I had heard in the past and still hear good things about the iBoss. I just think ours was defective. Wireless didn't work that great sometimes, and our internet speed only got up to like 2-3 megs, we have 8 megs with our Netgear router. I never needed to do any bypassing back then or now, I just wanted faster internet :) Also I think the OpenDNS interface is better than the iBoss interface.

  7. TheOzz
    October 29, 2008 at 3:35 pm

    Sounds great, but does nothing for folks who make a list of IPs and either go directly to the site by IP or create a custom host file on their PC that takes presidency over DNS server lookups. Content filters and proxy servers do a much better job. Bluecoat, one of the industry leaders in proxy appliances, produces a free content filter for home called K9 Web Protection.

    Another low cost alternative is to create accounts on home and work PCs that limit the ability to clear cache. View cache once in a while to see what folds are accessing. Then create block rules on your router to block access to those "bad" IP addresses.

    • David Ulevitch
      October 29, 2008 at 4:00 pm

      TheOzz,

      Most network administrators lock down desktops and unless you are logged in as an administrator you can't change the DNS or use a hosts file. And if you have tried, you'll know navigating by IP is impractical.

      We are a content filter, and if and when we need to proxy traffic, we will. Thus far, we haven't needed to do anything like that which is part of why we're growing so quickly. People recognize our service meets their needs. As we expand and see areas where we need to improve, we'll do that. We are heads-down, focused, and with an ear pointed at our customers to listen.

      Also, your second example is just not practical, at all. :-(

      Appreciate the feedback though. :-)

  8. Allison
    October 29, 2008 at 2:27 pm

    @Ram - OpenDNS doesn't, nor ever would, sell information about you. We say this explicitly in our privacy policy: http://www.opendns.com/privacy

    Happy to answer any other questions you have about the service.

    Thanks!

    Allison Rhodes
    OpenDNS.com

  9. onlinealias
    October 29, 2008 at 1:41 pm

    The URL for my e-mail is saved in my browser so there is no chance of a typographical error.

    • Karl L. Gechlik
      October 29, 2008 at 1:46 pm

      I only ask because i am trying to help OnlineAlias. I use OpenDNS and I would hit the same URL and see where it takes me. But if you do not need my help - then by all means don't reply! :)

  10. onlinealias
    October 29, 2008 at 1:31 pm

    I tried OPENDNS and they redirected my browser to their site whenever I tried to check my e-mail.

    • Karl L. Gechlik
      October 29, 2008 at 1:37 pm

      What is the url you type to get to your email? The only redirects OpenDNS does is when a URL is commonly misspelled - if you type google.con it will open up a google results page with (most likely) the site you were TRYING to get to. This is much better then getting hijacked to a look-a-like site. ESPECIALLY if it is a banking, email or other confidential type of site!

  11. Ram
    October 29, 2008 at 11:37 am

    It sounds great but I still have privacy concerns.
    They say they sell your information and browsing habits but never something that directly identifies you.
    I decide to trust my ISP because 1) I have to 2) they are money-making businesses that don't want bad publicity

    These folk? They offer this for free. Hmmmm... Always makes me hesitant, a little.

    • Karl L. Gechlik
      October 29, 2008 at 12:24 pm

      I have read that they were making around $20k a month (and this was about a year ago) from their adsense on their typo Google searches. This should be enough revenue to not want to alienate their user base... What do you think?

Leave a Reply

Your email address will not be published. Required fields are marked *