Many of the solutions available to protect ourselves and our families from internet threats (security, inappropriate content etc.) are quite expensive. There are however a few free ones and OpenDNS Personal happens to one of these. It is relatively easy to set up, but does require you to make changes to your settings on your internet router. We’ll explain how to do this generically, but the actual screens and terms on your specific router model may be slightly different.
What is it?
OpenDNS is a fairly major provider of DNS services on the internet. DNS stands for Domain Naming Service and is essentially a giant phonebook for the internet. When you want to go to a website, you type the address in your browser, such as http://www.techparents.net. Your computer then queries this giant phonebook called DNS to find the actual IP address (similar to a phone number) of the computer hosting this website. DNS responds with the information requested and your computer connects to the server and the website appears. DNS is critical to the functioning of the internet and means you can just type in a friendly website name rather than remembering something like 22.214.171.124 (this site’s IP address).
OpenDNS Personal is kind of like a filtered phone book. It had built-in categories which you can elect to block from your home based on your personal preferences and it also blocks known-bad sites used by bad guys on the internet to steal information or infect your computer with a virus or malware. If your computer attempts to look up the address of a blocked or bad site, you’ll get a message saying that the site was blocked and why.
The service has 3 levels, 2 of which are free and the 3rd is a US$20 per year subscription. We’ll go through the 3 levels and discuss whether you need the paid option or not. *Spoiler Alert* (You don’t!)
Does it work?
It does work and works pretty well provided you understand the limitations of what it can and can’t do.
What it DOES do:
- It does block connections to known bad sites thereby helping keep your you, your family, and your computer safer.
- It does block access to sites in blocked categories such as pornography, hate speech, gambling etc.
- It does provide basic reports on what sites have been visited (with OpenDNS Home), which have been blocked and why. If you’re seeing a lot of blocked sites, it might mean your computer is infected with something nasty and you should get help.
What it DOESN’T do:
- It doesn’t protect you or your devices when they’re not on your home network (such as on 3G or on another Wi-Fi network).
- It’s not always up to date. New sites pop up all the time and keeping the OpenDNS database up to date is a big job. It is possible that a bad site may exist for a while before being categorised.
- It is an all or nothing setting. It blocks access to selected sites for ALL devices on your network. It has no concept of adults vs. children or different users in your home.
- It can’t see pages or content in sites, only the site itself. This means you can block YouTube entirely but you can’t block certain videos with YouTube.
- Provide details reporting of content being viewed by different people.
Is it easy to set up?
The setup process is fairly easy, but there are some technical bits. There are also 3 options to choose from, Family Shield, Home and Home VIP.
Family Shield is the simplest and easiest option to set up and use. It is a predefined set of rules designed specifically to block adult content. It doesn’t do the other security and identity theft blocking options and it doesn’t allow any customisation of the rule set. It requires no account to be set up and just works. You need to log onto the admin portal of your router (usually http://10.0.0.1 or http://192.168.0.1) and login with your admin username and password. You’ll then need to find your DNS settings and change them to the Family Shield name servers. Instructions are detailed at the OpenDNS Site and contain generic instructions as well as specific instructions for some routers. There is a link to this page later on in this review.
This is probably the best choice for most people who want a free and easy service with no complications and it does a good job of protecting children from adult content.
OpenDNS Home is similar to Family Shield but supports a fully customised rule set (you can define which site categories are blocked and are not blocked) and is far more granular. It also supports reporting so you can see if any bad sites are being requested and can address this either with your family or potentially it may be caused by some kind of virus or malware you’re infected with.
OpenDNS Home is a lot more technical to get working and requires you to create an account and set up your rule sets as well as change your router’s DNS settings in the same way as Family Shield. The additional benefits of being able to block sites other than just adult content might be worth the additional effort depending on how comfortable you are with this kind of thing. This is the package I’ve been using for the past two months and it has worked very well. There is one serious consideration you need to keep in mind before choosing this option regarding dynamic IP addressing and a mechanism to update the service when your address changes.
Dynamic IP Addresses
Home internet access services usually use what is called a dynamic IP address. This is the address (think phone number) assigned to your particular connection so that traffic can find its way back to your computer when you’re downloading something from a website. Every device on the internet has an IP address. Internet Service Providers have a limited number of these addresses and assign then dynamically to their clients as they connect and disconnect. They also automatically change them every day or so for various reasons. The problem is that OpenDNS uses your IP Address to know who you are for reporting and to apply the rules you’ve set up etc. Whenever your IP Address changes they don’t know who you are anymore. The solution for this is to install a little piece of software on a computer in your house that detects when your IP Address changes and updates the OpenDNS service. This works very well provided you have a PC or device on your home network that is on most of the time and is able to update the service. If your IP Address changes and it isn’t updated timeously on the OpenDNS service, you will have problems which may be tricky to resolve if you aren’t familiar with networking.
Some routers do support automatically updating OpenDNS and if this is configured correctly you should be fine. Most people don’t have a PC on all the time (especially with the cost of electricity today) so it’s important to find out if your router can manage the updates. If it can’t this is probably not the right solution for you.
OpenDNS Home VIP
OpenDNS Home VIP is the US$20 per year subscription service which adds the following features to the free OpenDNS Home package.
Increased quota on whitelist/blacklist (50 Domains)
You can now whitelist or blacklist sites. Whitelist means you set up a list of allowed sites and everything else is blocked. This is not really a practical solution as the admin overhead is significant and you’ll be more frustrated than anything trying to manage this. 50 is also not a lot of sites when considering the entire internet.
1 year of statistics
You are able to go back a full year and see what sites have been accessed and blocked. The usefulness of this in a home environment is questionable.
See above regarding whitelisting.
Enhanced Customizations of Block & Guide Pages
You can customise the page that is displayed when someone attempts to access a blocked site.
Ad-Free Guide/Block Page
No advertising is displayed on any block pages.
We really don’t see that these features are worth US$20 per year when the free options are so capable.
How much you have to actually do to set it up depends on which option you choose. The simplest one is the Family Shield which only requires that you change your DNS server settings on your router.
OpenDNS have quite comprehensive setup guides online explaining how to make the required changes on a variety of common router brands. Follow this link to see if your router is listed or use the generic guide if it isn’t.
Once you’ve done this step, you’re good to go. Your home internet connection will not allow any adult content.
If you prefer the OpenDNS Home or VIP options you’ll need to set up your account, create a network (connection ID) and configure your particular blocking rules. Instructions for this can also be found on the site OpenDNS site here.
In summary, we found the OpenDNS service to be extremely reliable, very simple to use and a good solution for a basic 1st line of defence to help protect your home network from bad content. The OpenDNS Home option is nice for those who are a bit more technically inclined and offers more options for blocking different categories and getting some basic reporting which could help in finding anything suspicious on your home network.
You will need more layers of security in order to properly control devices and keep them safe and we’ll be reviewing some of these other options in the future. We don’t recommend paying for the service as the free options are quite sufficient for most people. You may need to pay for additional layers of protection so we recommend sticking to the free version of OpenDNS.