In this advanced tutorial on this subject we will look at some of the common issues faced, while setting up your home Network for Safe Internet usage such as blocking of Internet Porn sites and fraud and Phishing sites (sites that steal your personal and financial information). These are for users wanting to do advanced customization. If you are looking for basic instructions go to Part I of this article.
1. DNS settings on your Computer is not default
The DNS Settings on your computer may be interfering with the settings on your Router. The verify these open the ‘Network and Sharing Center’ on your computer (Right click on the Network status icon in system tray) and click on your active network. On the Status Page, click on Properties. In Properties click on ‘Internet Protocol Version 4 (TCP/IPv4)‘. Inside that check for ‘Obtain DNS server address automatically‘. In case this is not selected and a specific DNS server has been entered (see picture below) then this will override the DNS you have set in your Router. Check ‘Obtain DNS server address automatically‘ and click OK.
Another safe-guard you may want to have is to create a ‘Limited account’ on your computer. This account will be a separate login-id, which will not have administrative permissions. Ask users to use this login only on your computer. This is important to make sure that users are not allowed to change Network settings such as above or install malicious software that allows them to bypass the settings we have made.
2. Blocking untrusted DNS servers
In this method we try to block all untrusted DNS servers from being accessed from inside the Home Network. Idea is that in case anybody tries to override the default router settings we have made by forcing a DNS server setting (as shown in previous example) on his/her computer, then that is not allowed.
In this example we will block some of the DNS Servers used by Airtel, Google etc. Open your router settings menu as demonstrated in Part I of this article. Go to menu ‘Access Management -> Filter’ and follow the steps:
- Set the First Filter
- Direction: Outgoing
- Destination IP Address: 220.127.116.11
- Subnet Mask: 255.0.0.0
- Port Number: 53
- Protocol: UDP
- Rule Unmatched: Next
- Click Save and First Rule will appear on page.
- Set the Second Filter after making the below changes
- Destination IP Address: 18.104.22.168
- Rule Unmatched: Forward
- Click Save and Second Rule will appear on page.
- Destination IP Address: 22.214.171.124
Note that the above menu’s are specific to ‘Binatone’ routers being used by Airtel. For other vendors such as BSNL etc, settings will be somewhat different but similar.
3. Open DNS customization – OpenDNS Home
In case you would like to perform customization in OpenDNS, then you can do that by opening an account on their site – store.opendns.com/get/home-free. This service is currently free and it allows you to customize your OpenDNS experience and if you want to block additional categories than what is blocked by default. OpenDNS divides the Internet’s millions of websites neatly into 56 categories, like “adult,” “games,” “academic fraud” and “social media.” Parents can block entire categories of content, or just choose to block the individual websites that you know are problematic or unsafe for your family. Blocking can be done based on time of the day as well. For example, you may want Facebook and other Social Networking sites to be accessible for say only 2 hours from 6pm – 8pm, for your kids to use them. You can do such settings for your home Network from anywhere in the world (free) and even monitor what sites your kids are currently accessing (paid subscription).
For this you need to install an application from OpenDNS on one of your Home computers that allows your Home Network to be recognized uniquely. This is a one time step. Rest is all customizable for your connection through the the OpenDNS website.
Looking at competition, there is one that I could find – www.safedns.com, but this is currently a paid service.