Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
  1.  permalink
    If I set a mobile phone or laptop to use OpenDNS instead of the automatic DNS lookup provided through my ISP, what keeps someone from changing this setting back to automatic? Is there a way to "lock" the DNS to be set to OpenDNS in such a way that it cannot be changed back to auto? If not, then this seems to be a major security hole!
    • CommentAuthorjpmack
    • CommentTimeFeb 1st 2011
     permalink
    On a Mac, lock down the DNS settings (Network Preferences), create a second User (Accounts) and make it the only user with Administrator privileges. Keep the password to yourself. I'm sure the same exists in the Windows world.
  2.  permalink
    "If not, then this seems to be a major security hole! "

    Indeed, it is known as "using administrator/root accounts for normal use". Don't do it.

    What is to stop you, the network owner/administrator from doing it? You.
    Thankful People: rotblitz, Red Prince, cindelicato
  3.  permalink
    .
    Thankful People: tomdlgns
    • CommentAuthortomdlgns
    • CommentTimeFeb 28th 2011
     permalink
    exactly what saulchristie said.
    • CommentAuthorRed Prince
    • CommentTimeFeb 28th 2011
     permalink
    This is funny. In most countries, if you want to drive a car, you need to go through formal training, take a test, and get a license to drive. Yet, anyone can just buy a computer and "drive" it without having a clue, even though in a way computers are quite as dangerous as cars (well except you are not likely to kill someone).

    There really should be a requirement to get at least some basic training on how to administer a computer before you were allowed to come from within 5 feet of a computer.
    Thankful People: rotblitz
    • CommentAuthorrotblitz
    • CommentTimeFeb 28th 2011 edited
     permalink
    "As a simple fix, make sure your router's DHCP settings give out OpenDNS's addresses as your network's DNS servers"

    As a general advice this is a pretty bad idea, as it usually breaks local name resolution causing more problems than you solve. :angry:

    External DNS server addresses do not belong onto local devices, unless you don't care about local name resolution, and your devices do not belong to an AD network.

    @Red Prince
    Another comparison would be an illiterate trying to read books and newspapers...
    Thankful People: Red Prince

This discussion has been inactive for longer than 30 days, and is thus closed.