I’ve written about using OpenDNS in past post (and other blogs), but I’ve never really sat down and given step by steps on how and why to configure this free service.
First I’ll start with the “why”…WARNING…A little “GEEK” info coming at you:
When you type an address like www.yahoo.com in your browser address bar, the computer doesn’t know where yahoo.com points to and it will therefore ask the DNS server.
The job of a DNS server is to translate this human-readable web address (like www.yahoo.com) into a computer-readable number also known as an IP address (209.131.36.158). Once your computer knows the IP location of a web domain name, it opens the website in your browser.
DNS is such an integral part of our Internet life working behind the scenes every time we connect to a website. In most situations, our Internet Service Provider specifies the DNS Server address that we key into the browser network settings or the router.
Unfortunately, this can prove to be the weakest link in protecting our families.
The honest bottom line is that there's no way to absolutely, positively block porn, or anything else for that matter. You can make it more difficult, and maybe that's enough, but for every approach we might consider taking there will be ways to circumvent it.
So with that out of the way, let's block some porn...
You Are The ISP
The approach is actually quite simple: when a computer connects to your network at boot time, it asks your router for an IP address. Along with that IP address the router also provides the IP addresses that should be used for DNS lookups (the lookups that translate human readable "google.com" into what your computer really uses to connect: 74.125.19.104.).
OpenDNS
- You’ll need to go to www.opendns.com
- Write Down “Your IP:” in upper right, and click “Create Account”.
- Select your DNS Source (normally the Router option).
- Choose your Router Brand…if you don’t see your router brand, select the “general router instructions” link.
- Follow the instructions for configuring your router.
- After you Finish the configuration settings, you’ll be directed to your “Dashboard”. You’ll be promoted to enter your IP address (remember the number you wrote down on step 1?). If you have a dynamic IP (one that rotates every couple of days), then use the “client-side software” and follow the configuration wizard.
The Dashboard is you MAIN interface with OpenDNS. From here you can customize which filters you want to use, custom error messages and look at the websites that are being blocked as well as the most popular site requested.
You can use the pre-built settings (High, Moderate, Low, Minimal or Custom). I personally use custom so I can block all social networking, but I can put in an exception for Facebook.com
(Note: fbcdn.net is part of www.facebook.com)
With these settings any computer/device that connects to the internet through this router would use OpenDNS's service.
So what happens if your IP address changes?
This is a very common scenario for consumer internet connections, and is called "dynamic IP addressing". One day your internet connection might be on one IP address, and another day it might change. This is totally normal, and is controlled by your ISP.
You can update your IP address with OpenDNS manually, of course. However, OpenDNS does make available a small program which will automatically update OpenDNS's record of your IP address when it changes. You only need to install it on one machine - yours. Once OpenDNS understands that the internet IP address has changed for your account, its features are applied to all computers accessing sites through that connection.
With a little “tweaking” you can even add your own error messages. 
I like my kids to know that they’re being monitored…just like the corporate world, when users know someone’s monitoring, web traffic to inappropriate sites drops dramatically. ;-)
One final caveat: what we've been talking about is web access. OpenDNS doesn't filter incoming email, so any porn spam you might be getting will continue, but the links to those site should be blocked. You'll need to investigate spam filtering solutions for that, and those are likely not things you'll be able to implement without impacting the computers involved.
I’m OUT!
-SuperDale
No comments:
Post a Comment