Join the fight!


Parents can prevent a generation of pornography addictions...if they know what to do! Your donation of just $30/month helps us educate and equip parents around the world!

Give now!


Filtering Your Home Network via OpenDNS: What Parents Need To Know Part II – Using OpenDNS

OpenDNS Web Site

You might want to read the first in this series:
Filtering Your Home Network via OpenDNS: What Parents Need To Know Part I – What is OpenDNS?

Ok, now that you have decided to use OpenDNS to filter your home network (possibly for FREE!) the question comes up:

How do I use OpenDNS?

Let’s look at how to set up and manage your OpenDNS account!

SET UP
(EVERYBODY)

Getting started is easy.

  • To begin, first go to the Parental Controls page in the Home Solutions section of OpenDNS.com.  Here is a link to help you get there faster!
  • Then, follow the instructions to set up your account.  NOTE: You will need the make and model of your router, WITH REV NUMBER!  And, don’t worry.  OpenDNS has step-by-step instructions for almost all current and recent consumer routers!
  • Create a strong password for your OpenDNS account.  This should be a password that is not used on any other account.  For more on passwords read THIS ARTICLE.
  • Set the e-mail address for the account, which is used in the FORGOT PASSWORD routine, to one the children will not have access to. (More on this later.)
  • Make sure you download and install the OpenDNS UPDATER software.  You can find it on the SUPPORT page, here.
  • Make sure you check your e-mail for the activation message and follow the instructions.
  • Set-up your filtering categories and white/black lists (more later on all of these)
  • If you have any problems, unplug your cable modem, router and computer.  Then, after about 30 seconds, plug them in one-at-a-time in this order:  MODEM >>> ROUTER >>> COMPUTER.

That should do it, UNLESS you are an AT&T U-verse or Verizon customer.  Then you have a slightly more difficult task, but it is not insurmountable.

 

SPECIAL INSTRUCTIONS FOR
AT&T U-VERSE® & SOME VERIZON CUSTOMERS

First off, I have to tell you that I LOVE AT&T U-verse!  They are, in my experience, the best TV/Internet provider I have ever had in my home!  Nothing negative about AT&T is meant by this section.  It is just a technical difference that must be addressed. (I have not personally been a Verizon customer.)

The U-verse and Verizon systems use a technology called TVIP/IPTV which is implemented in the home through the big silver U-verse gateway or big black Verizon gateway that they provide.  (A gateway is a modem and a router in one device).  TVIP is what is used to get the TV shows to the right box and TV within your home!   This means we cannot change the DNS settings on the GATEWAY or the TV won’t work, which is why the menus on the GATEWAY lock out the DNS server settings.

So, what do we do?

Easy: We add another router to our network, and turn the GATEWAY’s Wi-Fi transmitter OFF!

Look at the diagram, below, to see how the two configurations would look.

Now, here comes the real “techie” part.  When a U-verse customer sets up a configuration as shown above there are a few extra steps that OpenDNS does not cover on their web site:

  • Turn OFF the Wi-Fi on the GATEWAY
  • Set the ROUTER to use the DMZ on the GATEWAY’s firewall.
    (This is a good time to consult an adult techie if you are not familiar with such things.  It should take your friend about 5 minutes to configure this.  Techies LOVE soda and pizza as a means of showing your appreciation!)
  • Change the Gateway’s PASSWORD from the one on the label affixed to the side of the unit.  This keeps anyone from jumping on the Gateway, turning the Wi-Fi back on, and bypassing your great OpenDNS filter!

OK, I know the question is racing through your mind: WHAT ROUTER SHOULD I GET?

Well, all geeks/techies have brands they like and don’t like.  This is similar to folks who love FORD but hate CHEVY, and vice versa.  In my honest opinion, NETGEAR is the best choice as most of their routers feature LIVE PARENTAL CONTROLS, which is a special implementation of OPENDNS in the NETGEAR routers.   If you are going to be streaming a lot of video on the network (Netflix, Hulu+, etc.) then get the fastest router you can afford, at least one that complies with the basics of the 802.11N specification.  A home with a lot of devices and streaming needs AT LEAST a 600 speed router.

I have used OpenDNS with my AT&T U-verse system for years!  It works great!

NOTES:

  • If you have ATT UVERSE Wireless Recievers, do not worry.  They use a Wireless Access Point (WAP) to communicate wirelessly, not the Gateway’s WIFI.
  • Over the past couple of years VERIZON has been distributing gateways that present the same problem as the AT&T U-VERSE  gateways, so some VERIZON customers need to do the same thing, although the exact steps you go through are slightly different due to different gateway software.  These changes to gateways are not being done to limit customers but to enable the use of new technologies that better improves delivery of HDTV signals.

PASSWORDS & OTHER SECURITY ISSUES

To protect your family with OpenDNS you are going to need to put some security measures in place:

  • OpenDNS account password
  • OpenDNS “Forgot Password” e-mail address (not one the kids have access to!)
  • New router password (do NOT leave the default password in place or you are wasting your time)
  • New router “Wi-Fi Key” for the router (this is the code you give folks to get on your network via Wi-Fi)
  • New GATEWAY password (For U-verse customers).

These are all important:

  • The OpenDNS security prevents kids/others from changing your OpenDNS settings (i.e. turning filter categories OFF).
  • The router password ensures keeps folks from resetting the DNS server and the Wi-Fi Key keeps unauthorized folks from piggy-backing on your Wi-Fi signal (like, cheap neighbors!)
  • The GATEWAY security keeps anyone from turning the GATEWAY Wi-Fi back on.

WARNING:  Do NOT click on the KEEP ME LOGGED IN box on the OpenDNS sign-in page. If you do, then all a person has to do to access your Dashboard and then change the filter settings is to type in www.opendns.com.  They will be automatically logged in.

SPECIAL SECURITY TIP
FOR PROTECTING ADULTS

I typically talk about filters and controls in the context of parents protecting kids from Internet dangers.  Unfortunately, a lot of adults are involved with these sites, as well.  Sometimes both a husband and the wife have Internet-related problems.  So, how do you protect BOTH of them when “someone” has to have the login info?

Easy!

TWO KEY RULEYou split the OpenDNS password in half, and each of you have 1/2 of the password.  This way, neither of you can access the OpenDNS Dashboard without both of you agreeing and knowing.  If your joint password doesn’t work then you know “someone” has changed it by themselves (adult or child).  This also works with other types of filters and security systems.

And, have the “least vulnerable” adult set the FORGOT PASSWORD to an e-mail address that the other does not have access to.

REMEMBER: It’s is not that you do not trust your spouse/child, but that you are removing the temptation in order to protect and help them.

CATEGORIES

There are more than FIFTY categories you can use to filter Internet content using OpenDNS.   You can learn about them in detail HERE.

There is a minimum set of filtered categories that I strongly suggest that you use:

  • Academic Fraud (those free term paper sites, and more)
  • Adware
  • Drugs
  • Gambling
  • Nudity
  • P2P File Sharing (this is how folks get music/movies illegally!)
  • Pornography
  • Proxy/Anonymizer (These are used to bypass filters, etc.)

There are other categories you may wish to consider based upon the age/maturity/school work of your children or issues adults may have.  Some of these are:

  • Adult Themes
  • Chat
  • Dating
  • Hate/Discrimination
  • Lingerie/Bikini (Do not filter if you have teenage girls or you will hear about it! <grin>)
  • Sexuality
  • Social Networking (This KILLS Twitter, Facebook, and the like)
  • Tasteless
  • Weapons

You may wish to play with your settings for the first month or so and then re-assess your needs at the end of each school year.

Keep in mind that OpenDNS will accept recommendations for new categories!

NOTE: Ignore the GERMAN-related category unless you live in Germany. That is a single category to ensure compliance with German laws.

WHITE LISTS/BLACK LISTS

OpenDNS allows you to set up both WHITE LISTS and BLACK LISTS.  It you are not familiar with these, here are the definitions:

  • WHITE LISTS – Lists of web sites that you NEVER block
  • BLACK LISTS – Lists of web sites that you ALWAYS block

Here are example scenarios where these come in handy:

  • WHITE LIST:  You have the LINGERIE/BIKINI category set to filter because you have three boys 10-17 in the house.  But, as you are still happily married, Mom and/or Dad like to shop at Victoria’s Secret.  So, you add victoriassecret.com to your white list so that it is never blocked.
  • BLACK LIST: You allow the categories for blogs and podcasts, but you become concerned about the amount of adult material on Tumblr.  So, you put tumblr.com on the ALWAYS BLOCK list. (You don’t use the “www” for these lists.)

(Note: Setting OpenDNS to always block Tumblr is not a bad idea if you have kids as not all of the Tumblr sub-sites and blogs are blocked by category, although many are.)

Other uses may be to allow access to certain sites used for research while a student is working on a project without letting other children know.

ONE MORE THING…

No computer or Internet security system is fool-proof, or invulnerable.  So, you can’t set up OpenDNS and “just forget about it”.  You need to periodically check and make sure of the following:

  • The OpenDNS password has not been changed.
  • The router password has not been changed.
  • OpenDNS is still working (try testing with a site you expect to be filtered, like www.playboy.com)
  • The GATEWAY Wi-Fi has not been turned back on (AT&T U-verse customers, only).

During the Cold War this was called: “Trust…but VERIFY!”

And, last but not least, WRITE DOWN all these passwords and login IDs and seal them in an envelope.  Keep the envelope in a secure place in the home so you have the information available if needed.  VERIFY that you have written the information down correctly (including use of capital and lower case letters) before sealing it!

That’s all you need to do to use and set up OpenDNS!

Check out these other popular posts:

 

 

 

Help us continue to help you!



TechSafeLogo_300dpi TechSafe_Youth_150dpi
Just $1/day ($30/month) WILL make a huge impact for tens of thousands of families…worldwide!!!! Book a
TECH-SAFE HOME™ seminar for parents by contacting us at:
info@knightsquest.org
or 817.715.4074
Add the
TECH-SAFE YOUTH™ program to educate youth about the Biblical purity in our technologically driven world!
Got a question?

Send it in via e-mail!

Subscribe to Blogging The Knights’ Quest via:

RSS 1 e-mail 1

 

NOTICE:  All communications with Knights’ Quest are held in strictest confidence, within the limits of the Law.

5 comments to Filtering Your Home Network via OpenDNS: What Parents Need To Know Part II – Using OpenDNS

  • Stephen

    Great article. Comcast is a similar animal where you have to configure a second router in the DMZ and turn off the WIFI on their main router. I will be moving from Comcast as I recently discovered they have forced the WIFI back on for their WIFI hotspots, no option anymore to turn it off. When guests ask to use my network I tell them which WIFI to use, as you can see others in the area, and there is no question which means they are subject to my filtering restrictions.

    Depending on your Router you can enforce the DNS you want all users on your network to use. The is easily done by redirecting port 53 traffic to the DNS provider of your choice. If the router you use does not offer this you may be able to load a different firmware that will open this option or if you have yet to buy a router, buy one with DD-WRT support. I personally use a router with DD-WRT support and have a robust firmware installed that forces all users on my network to go through OpenDNS and my filtering rules.

  • Jay,

    Thanks for asking! For purposes of your question, I will assume that you are using the ATT Wireless Receiver that you can get from ATT.

    I double-checked with ATT UVERSE SUPPORT: Your ATT wireless TV receiver connects to your gateway via a separate Wireless Access Point (WAP) that is pluged into one of your gateway’s ethernet ports in the back. That separates it from the standard WIFI that we use for Internet surfing and streaming. Therefore, the TV receiver is on a separate wireless system and you should not have any problems with turning off the regular WIFI.

    BTW: The tech also said that AT&T has a new self-help web site: http://ufix.att.com. You might want to bookmark that site for future reference. I have!

    This link might also be helpful: http://www.att.com/media/att/2014/support/pdf/ATT110900769-7+Wireless+TV+Receiver.pdf

    Let me know how it goes!

    And please spread the word about BLOGGING THE KNIGHTS’ QUEST!

  • jay

    So if you have AT&T and a second cable box that runs on Wi-Fi, this method will cause that box to no longer function? Is that correct?

  • Thank for the feedback!

    Since I have strong indications that folks DO visit the site to look for various workarounds or sources I edited out the actual method of bypassing OpenDNS. No offense intended. I just don’t want “educate” the kids too much!

  • Sam

    Note: OpenDNS is easily bypassed by XXXX DELETED XXXX on any device that allows it, including all Windows and Linux devices. If you want to prevent this you must take steps to lock out those settings options. In a home network where user access is not typically centrally managed, this is commonly achieved by restricting the user account permissions on each device. Lower the restricted users accounts from an administrator level to one of the security groups that restrict access to changing any network settings.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>