Buy or Renew
Buy or Renew
NOTICE: OpenDNS Service Currently Not Available To Users In Belgium. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
168
Views
0
Helpful
8
Replies

How to disable the use of proxies to bypass DNS logging

stanthemam
Level 1
Level 1

‎11-07-2016 05:24 PM

I have recently learned that my teen is able to bypass domain logging by using a proxy. I have blocked a bunch of web proxies but how do I disable the use of proxies and make sure that all DNS traffic is logged using OpenDNS server?

Labels:
0 Helpful
8 Replies 8

rotblitz
Level 6
Level 6

‎11-08-2016 02:23 AM

  • You block category Proxy/Anonymizer at your OpenDNS dashboard.
  • You configure your router to block port 53 passthrough or to redirect all DNS traffic to OpenDNS.
  • You may also block all UDP traffic passthrough on your router.  VPN programs use almost UDP.
0 Helpful

stanthemam
Level 1
Level 1

‎11-08-2016 06:47 AM

Thank you! Is there any way you could give a little more detail about blocking port 53. I don't have a router, but a button modem/router combo. I am not sure where or how to block this port.

0 Helpful

rotblitz
Level 6
Level 6

‎11-08-2016 08:55 AM

I also do not know, because I'm pretty confident that I do not know your unspecified "button modem/router combo".  If you can point me at an online user manual, I may be able to check for port blocking opportunities.

0 Helpful

stanthemam
Level 1
Level 1

‎11-08-2016 09:24 AM

Sorry, that was a typo. I am using a Hitron CGMN 3552 modem/router combo. I can not seem to find anything online. I did however play around with the settings a bit and have used the service filter to block port 53, however once I did so, there was no confirmation of doing so and nothing appearance on screen for me to overview. Is there a way of telling if this setting is truly disabled?

0 Helpful

rotblitz
Level 6
Level 6

‎11-08-2016 11:31 AM

Yes, this is easy to verify.

To see if the port 53 block is in effect, you raise a DNS lookup with DNS resolver address specified:

nslookup www.internetbadguys.com. 8.8.8.8

This request should time out.

To see if you're still using OpenDNS if no DNS resolver address is explicitly specified:

nslookup www.internetbadguys.com.

The reverse DNS of the returned IP address should be hit-phish.opendns.com.

0 Helpful

stanthemam
Level 1
Level 1

‎11-08-2016 12:04 PM

Thank you so much for your help. I have verified that I am still using OpenDNS as the sites i have blocked remain blocked. I typed in "www.internetbadguys.com 8.8.8.8" into the browser and it just took me to a google search. I'm not sure if that was what you had wanted me to do or not so I apoglize if I misunderstood. I don't know how to change the DNS traffic or how to use a proxy to bypass the settings used for OpenDNS, but I believe my son does so I would like to block all of that. I just don't know if I have port 53 blocked correctly and can not seem to find out a way to check.

0 Helpful

stanthemam
Level 1
Level 1

‎11-08-2016 01:39 PM

Update: I realized I had blocked port 53 incorrectly so I did it the correct way, however as soon as I did, I had no internet connection. Am I missing something?

0 Helpful

rotblitz
Level 6
Level 6

‎11-08-2016 11:24 PM

Commands need to be entered in the command prompt window, not in a browser.

No DNS looks like no internet connection.  You may need to allow OpenDNS explicitly.

0 Helpful
Customers Also Viewed These Support Documents