Damage_inc- Posted January 31, 2013 Member ID: 2048 Group: ***- Inactive Clan Members Followers: 0 Topic Count: 294 Topics Per Day: 0.06 Content Count: 6689 Content Per Day: 1.27 Reputation: 4709 Achievement Points: 48999 Solved Content: 0 Days Won: 5 Joined: 12/15/10 Status: Offline Last Seen: November 29, 2023 Birthday: 05/30/1967 Posted January 31, 2013 (edited) HELP -MY KIDS BYPASSED MY OPENDNS FILTERING BY CHOOSING AN ALTERNATE DNS SERVER WITH HELP OF A DOWNLOADED PROGRAM..ID LIKE TO BLOCK THIS OPTION SO IT WONT BE POSSIBLE ...IVE HEARD THAT PORT 53 SHOULD BE BLOCKED AND OR FORWARDED TO OPENDNS...ANYONE FAMILIAR WITH THIS? THANKS. Edited January 31, 2013 by Damage_inc- Awards
loaderXI Posted January 31, 2013 Member ID: 252 Group: +++ COD2 Head Admin Followers: 72 Topic Count: 396 Topics Per Day: 0.07 Content Count: 6439 Content Per Day: 1.12 Reputation: 6582 Achievement Points: 54661 Solved Content: 0 Days Won: 32 Joined: 09/05/09 Status: Offline Last Seen: 6 hours ago Birthday: 03/22/1965 Device: Windows Posted January 31, 2013 Can u access ur router settings ? have they set up a virtual server ? can u do a factory restore on the wireless router look at this.....might be answers here not sure http://forums.opendns.com/comments.php?DiscussionID=879 Awards
hxtr Posted February 1, 2013 Member ID: 220 Group: **- Inactive Registered Users Followers: 147 Topic Count: 595 Topics Per Day: 0.10 Content Count: 16950 Content Per Day: 2.96 Reputation: 13538 Achievement Points: 129714 Solved Content: 0 Days Won: 120 Joined: 09/04/09 Status: Offline Last Seen: October 26, 2023 Birthday: 04/05/1970 Posted February 1, 2013 HELP -MY KIDS BYPASSED MY OPENDNS FILTERING BY CHOOSING AN ALTERNATE DNS SERVER WITH HELP OF A DOWNLOADED PROGRAM..ID LIKE TO BLOCK THIS OPTION SO IT WONT BE POSSIBLE ...IVE HEARD THAT PORT 53 SHOULD BE BLOCKED AND OR FORWARDED TO OPENDNS...ANYONE FAMILIAR WITH THIS? THANKS. If he is that smart... you cant stop him. Take his fucking comptuer away from him. You can use any port for this... even 80 for web. 21 for FTP. 25 for SMTP. Does not matter... any port can work if the other end is set to do it. Damage_inc- 1
TecHnOBoY Posted February 1, 2013 Member ID: 755 Group: ***- Inactive Clan Members Followers: 21 Topic Count: 120 Topics Per Day: 0.02 Content Count: 2191 Content Per Day: 0.39 Reputation: 961 Achievement Points: 14309 Solved Content: 0 Days Won: 0 Joined: 11/17/09 Status: Offline Last Seen: April 18, 2019 Birthday: 01/14/1982 Posted February 1, 2013 You can do several things:- restrict their Windows permissions to "User"- deny all outgoing traffic to destination port 53 (standard DNS Port) and permit the DNS servers you like (Google f.e. uses the IPs 8.8.8.8 & 8.8.4.4) in the Windows firewall, or on your router if it- prevent the tool to be used if you know the excact name of the .exe file. in the windows firewall or with other windows settings like "program execution rules" just some hints Some screenshots for adding rules to your Windows firewall:1. open your control panel, go to "windows firewall" and choose advanced settings 2. create a new outbound rule (see screenshots) and name it "DNS deny"3. repeat the steps and create an ALLOW rule with the same Port (53), name it DNS Allow 4. The new rules now appear in the list of your outbound rules - right click on the DNS and choose "properties" 5. select the "Scope Tab" and choose "These IP addresses" in the "Remote IP Adress" field.6. add all DNS Servers you like to use. (For example 8.8.8.8 and 8.8.4.4) This should work Awards
DEEJAYKEG Posted February 1, 2013 Member ID: 1238 Group: ***- Inactive Clan Members Followers: 35 Topic Count: 1207 Topics Per Day: 0.22 Content Count: 6083 Content Per Day: 1.10 Reputation: 4985 Achievement Points: 50728 Solved Content: 0 Days Won: 11 Joined: 03/12/10 Status: Offline Last Seen: April 11, 2024 Posted February 1, 2013 Have you considered a net nanny style program instead? It seems a much simpler option and you'd be notified if it was tampered with. Awards
Damage_inc- Posted February 1, 2013 Member ID: 2048 Group: ***- Inactive Clan Members Followers: 0 Topic Count: 294 Topics Per Day: 0.06 Content Count: 6689 Content Per Day: 1.27 Reputation: 4709 Achievement Points: 48999 Solved Content: 0 Days Won: 5 Joined: 12/15/10 Status: Offline Last Seen: November 29, 2023 Birthday: 05/30/1967 Author Posted February 1, 2013 thanks for your responses..first of all we are from a different generation and I personaly could be disconnected from the internet if I had to but these kids nowadays were raised on it...so just taking there communication and socializing away from them is not an option..I try to filter best possible but kids are smart and tech saavy nowadays and I guess I have to just get on there computors on a regular basis to make sure they dont install and bypass my dns again..It looks more difficult to try to block ports via my router then I wished. life gets busy and I assumed the filtering was filtering and I wasnt getting on there computers unless they would bsod and I had to fix em.... So I think I will just monitor there computers on regular basis while there at school during the week and make them aware of this and that I know what is going on and talk to them and warn them of consecuences... thanks again Awards
CPUvirus Posted February 10, 2013 Member ID: 4278 Group: **- Inactive Registered Users Followers: 2 Topic Count: 2 Topics Per Day: 0.00 Content Count: 30 Content Per Day: 0.01 Reputation: 11 Achievement Points: 218 Solved Content: 0 Days Won: 0 Joined: 12/13/12 Status: Offline Last Seen: February 24, 2013 Posted February 10, 2013 I have clients that request content filtering, and we end up using a program called forticlient. It is a security suite created Fortinet, they make business class routers. It has AV and a firewall but I usually just use the web filter because the AV is kinda awful. It can be configured and password protected so settings cannot get modified. It is a free download.
Recommended Posts