I just became an instant fan, got an interview next week with printer company. Your troubleshooting methodology was awesome, you help reinforced why I choose this profession in the first place.
I was just about to say that. Pretty much 99% of all youtube audiences uses headphones...I just made that statistic up. Aren't all statistics made up anyway ?
the hardest thing for him is to talk about what employers have to do and how to treat your employee with blocked sites but at the same time might be afraid of what he has been talking about get heard by his employees. gotta stand in the both sides. hahaha. anyways, i love his education channel here. thanks to him. he taught me many thing here.
Worked for a company that had you sign an agreement not to use their computers for personal use. On the third documented time per year, by-by! And they had an airtight system with a forensic it person if needed. I watched 2 employees being fired. No one ever did it again. And you know what ? I loved the even playing ball field!
@BenBarrettBBB IP Addresses can be tracked down easily by the authorities. By using domain names the hackers can have one pointer, but then have the ability to change what it points to.
Hey Eli, love your vids. Just started using OpenDNS via my linksys router but unfortunately as soon as it was up and running I could no longer get on my VPN for work. I even added the VPN host name under exceptions for VPN user on the OpenDNS dashboard advanced settings. Am I missing something obvious? Tried creating a support ticket with OpenDNS and they offered some ideas but ultimately couldn't help me get it working. Any ideas? Thanks!
I'm unsure what's easier: editing the host file or changing the DNS server. I have no clue where my hostfile is, however network settings are very easy to find and change... I guess the "protection" only works if the users have limited rights on their machine (ie no rights on their network prefs).
Hi Eli, First, I want to say that I great fun of your videos, it helps me alot! OpenDNS is very nice, but I think there are better solutions. OpenDNS server can be helpful just in cases the employe uses a domain name. Any worker can enter the IP address of Facebook instead "facebook.com" - this way my computer would go directly to the server of Facebook instead the OpenDNS server.Regarding your video: Am I right?
+Shaked Tayouri The tool is not designed to be a proxy replacment. Which is what your asking about bypassing for a single well known site. (Which BTW you can block facebook via Firewall and IP). Many malware campaigns and various worms and botnets use Domains to communicate to a range of servers to keep law enforcement from shutting them down. OpenDNS can be used for ALL external DNS queries, not just proxy traffic which is usually limited to user segment traffic. So in terms of a botnet, the bad actors aren't going to list the 20 ip address of servers it talks back to, it would be easy to block/shut down (ThreatSTOP is the tool for that stuff) so they will build in a Domain name, which is harder to take down and can be scripted to change IP address rapidly.
Great tutorial. One problem: if the router is configured with the openDNS's dns but the user still can change or add the dns on his computers's configuration. There's any way to solve that without using active directory?
so when you ask an external service for an IP from a domain name because your computer doesnt know it, the service can choose not to tell you the IP and then you won't be able to access the site. But, if you updated your local hosts file to include the IP for that domain before the computer asked the external service, would you be able to access the site anyway?
If i'm at a college in a network with a lot of computers and I want to use OpenDNS just for myself, will the other computers be affected by my settings?
thats what I'm wondering- (assuming facebook is blocked) if the user can edit their host file with the correct facebook IP address, could they bypass another DNS block on the site?
If we route our traffic to the openDNS server with intention on visiting UA-cam transmission would be complete, at that point you’re at the application layer using UA-cam interface. The content UA-cam stores is kept in storage. How would each video contain their own IP address? If each channel contained its own IP address, then it would be blockable. But if the only thing the DNS server routes traffic to is UA-cam, openDNS cannot simply block harsh content from being viewed by the user. This is why UA-cam has content review teams which makes it so sickos cant post crude material on UA-cam!
Hi Eli, Two questions first my initial thought it work on application as well as network layer correct me if I am wrong ? second proxy does the same thing why would we opt for opendns
Eli I love all your videos they are very informative. However this video with so much reference to XXX material was a bit distracting. It would of been best to reference "Scary monsters com Bad pictures com" I would of been less distracted lol thank you
after using the open dns to game and switching back to normal dns google keeps giving me a word to type in like what they do to make sure you are not a robot for every search...how can i fix this?
Bonjour!Is it possible to block sites using just "Keywords" without using an extension: com, org, net, etc? It would be impossible to list all 'porn' sites or sites you want blocked. During the 'demo' it would have been helpful if you shown all the steps you did to get your system set-up. Some of us need all the pieces to the puzzle to make it complete or understandable.
Hello, just a quick question. Can I make someone's search go to a different website. Say someone on my server is trying to go to Facebook could I make them go to Google instead. Im trying to prank my employees just for moral boost. Thanks!
When you are first resolving your open DNS server, how can you ensure that you are directed to the correct OpenDNS server from the get go? Maybe I am missing some information here.
Isn't it soooo simple just to change ur ip address with a simple proxy or tor?(forget about a paid vpn). Also what u didn't talk about performance of the free version. Also is it possible to make custom block page, "like blocked by the fbi"!. Do firewalls block using a similar method?. Are there free firewalls or dns services that does similar function with more customization?. I am also looking for a firewall that has the capability and functionality of pfsense or sophos xg firewall or clear os but that can be installed on ubuntu 16.04 and windows 10 as package. Glasswire is not as powerful as clear os. On the linux side, zentyal server has lost a lot of gateway and firewall features, its not even installable on ubuntu 16.04. Now I could use a virtualbox, but its not efficient. Any idea on how to overcome this problem?. I liked sophos xg firewall & utm 9, its free & does an excellent job, but I want to have a linux home server with this firewall & a bunch of avs on it along with the ability to have nas & multimedia services. Basically an all in 1: Firewall/gateway, nas & multimedia. How do I go about this?
If you are running a Windows AD domain on your internal network, your clients must have a windows DNS server as their DNS setting or they can't login properly. How can you take advantage of something like OpenDNS if you can't point your clients to the OpenDNS servers? or can you??
you cab di this on any site you just need to have access to your home or work router to be able to change the DNS. Windows Homegroup is a network if all your user at home have the same workgroup you can share files and folders just like on a work network you just don't have the same level of customization as a work network.
to configure custom DNS on my belkin router, do i have to change the Wan>:Connection type from dynamic to static? The option to change the DNS is grayed out, even though the "get automatically from ISP" box is not checked.
In most network configurations, like enterprise situations, schools, etc., you would set up something like NAT redirection for port 53 so that no one on the specified subnets or interfaces can use any other DNS resolvers (i.e. 1.1.1.1 or 8.8.4.4), and all queries for DNS will be redirected to the specified DNS server for the network. The downside is that if VPN traffic is permitted, they can use things such as cloudflare WARP, which is a pseudo non encrypted VPN/DNS resolver in one, then they can tunnel out and use their DNS. Most users however will not go to this extent either because they don't know how to or the computers they work on will not have elevated permissions to change VPNs or DNS.
Chris Craig in my opinion, this would require a separate guest subnet or the system administrator would change the users configuration (DNS config) to another address (9.9.9.9) instead of googles DNS 8.8.8.8. So if guest user is pointing towards openDNS and then admin configured their machine to point towards another DNS then each user account would be using separate DNS servers. I hope this helps. Don’t forget, your router has parental controls ;)
ImposterChovie I prefer this over Linus. Not that I do not think Linus is bad but.. this has: a better sounding voice. Also, talks some funny shit backed with a ton of knowledge and experience. Also more in depth.
What is ironic is that you could probably use OpenDNS to tunnel through your employer's restrictions and achieve the exact opposite. :-) AnalButtRape FTW!!
When i'm at work i'll just do one of the following. 1. Use Tor browser bundle to bypass DNS. 2. Use a standard proxy. 3. Type the IP address of face book into my web browser, to by pass DNS re directions. 4. Find out here there blocking me.
Naheem Sheikh google opendns website it will tell you where their servers are also norton has a free dns server with various levels of security. also there is free malwarebytes anti-exploit free.. and also sandboxie , also free
video should have started at 25:32 - no need to watch the whole video for some folks. Very good video otherwise except for the constant mentioning of certain websites.
Nope, i just pinged an ip address of a website that is blocked on my network, then entered the ip address it pinged into the address bar it still blocked it. e.g. proxy.org is blocked on my network. the ip address of proxy.org is 146.112.61.106. when i typed into address bar it still blocked. Opendns must of found a way of recognising ip's and matched it up with the normal address. So it stops both,
"DNS is an acronym for "Domain Name Services"; most people misuse the term for Domain Name Server. This is incorrect because one would not say Domain Name Server Server as in DNS Server, one would say Domain Name Services Server."
I think you're a good teacher. However, you should check your audio. It was one sided only. You used the phrase "Analbuttrape" so many times - it became grotesque. I had to turn it off. You can do better.
I just became an instant fan, got an interview next week with printer company. Your troubleshooting methodology was awesome, you help reinforced why I choose this profession in the first place.
dynamic host configuration protocol does more than I knew, thanks.
my left ear loved this
I was just about to say that. Pretty much 99% of all youtube audiences uses headphones...I just made that statistic up. Aren't all statistics made up anyway ?
the hardest thing for him is to talk about what employers have to do and how to treat your employee with blocked sites but at the same time might be afraid of what he has been talking about get heard by his employees. gotta stand in the both sides. hahaha. anyways, i love his education channel here. thanks to him. he taught me many thing here.
@dannygizzle33 I'm pretty sure that you can do this. I think you have to install an app on the computer.
Worked for a company that had you sign an agreement not to use their computers for personal use. On the third documented time per year, by-by! And they had an airtight system with a forensic it person if needed. I watched 2 employees being fired. No one ever did it again. And you know what ? I loved the even playing ball field!
thank you for some useful site address you have given while you lecturing.
only sound on left channel?
@stormko Try pulling your stereo jack out a little and it will split the mono channel
LOLOLOL 1:53 and I'm at work with my speakers on! KILL ME!
Great video i am learning alot,you are great teacher!!!
@BenBarrettBBB IP Addresses can be tracked down easily by the authorities. By using domain names the hackers can have one pointer, but then have the ability to change what it points to.
Informative, clear and concise. Great tutorial video.
Eli, you are too funny the stuff you came up with ....
@SharingEqualsCaring Yes... or a VPN connection... but that gets into hacking...
Hey Eli, love your vids. Just started using OpenDNS via my linksys router but unfortunately as soon as it was up and running I could no longer get on my VPN for work. I even added the VPN host name under exceptions for VPN user on the OpenDNS dashboard advanced settings. Am I missing something obvious? Tried creating a support ticket with OpenDNS and they offered some ideas but ultimately couldn't help me get it working. Any ideas? Thanks!
i like all your vids. they are very informative. keep the vids coming.
man lacs of thumbsup fror your every video you are best . this word is small for you .
oh why is the audio only in the left ear.
handy Macintosh hack: System Prefs > Accessibility > Audio > "Play stereo as mono"
I'm unsure what's easier: editing the host file or changing the DNS server.
I have no clue where my hostfile is, however network settings are very easy to find and change... I guess the "protection" only works if the users have limited rights on their machine (ie no rights on their network prefs).
Hi Eli,
First, I want to say that I great fun of your videos, it helps me alot!
OpenDNS is very nice, but I think there are better solutions. OpenDNS server can be helpful just in cases the employe uses a domain name. Any worker can enter the IP address of Facebook instead "facebook.com" - this way my computer would go directly to the server of Facebook instead the OpenDNS server.Regarding your video:
Am I right?
+Shaked Tayouri The tool is not designed to be a proxy replacment. Which is what your asking about bypassing for a single well known site. (Which BTW you can block facebook via Firewall and IP). Many malware campaigns and various worms and botnets use Domains to communicate to a range of servers to keep law enforcement from shutting them down. OpenDNS can be used for ALL external DNS queries, not just proxy traffic which is usually limited to user segment traffic. So in terms of a botnet, the bad actors aren't going to list the 20 ip address of servers it talks back to, it would be easy to block/shut down (ThreatSTOP is the tool for that stuff) so they will build in a Domain name, which is harder to take down and can be scripted to change IP address rapidly.
Great tutorial. One problem: if the router is configured with the openDNS's dns but the user still can change or add the dns on his computers's configuration.
There's any way to solve that without using active directory?
Having the same issue
Nobody wants to go to CNN.com. Thanks for this informative video, I'm using openDNS but trying to understand why I should be using it!
now we all know who your sponsor is
Thanks good info
Hi Eli,are you using the enterprise package for OpenDNS?
so when you ask an external service for an IP from a domain name because your computer doesnt know it, the service can choose not to tell you the IP and then you won't be able to access the site. But, if you updated your local hosts file to include the IP for that domain before the computer asked the external service, would you be able to access the site anyway?
If i'm at a college in a network with a lot of computers and I want to use OpenDNS just for myself, will the other computers be affected by my settings?
love this video... thanks eli
thats what I'm wondering- (assuming facebook is blocked) if the user can edit their host file with the correct facebook IP address, could they bypass another DNS block on the site?
thanks a lot for this great video..
But still eli knows his sh*t, its good to see a computer guy that knows alot about a wide area in computing
can open DNS block inappropriate youtube content or is the entire youtube domain blocked.
If we route our traffic to the openDNS server with intention on visiting UA-cam transmission would be complete, at that point you’re at the application layer using UA-cam interface. The content UA-cam stores is kept in storage. How would each video contain their own IP address? If each channel contained its own IP address, then it would be blockable. But if the only thing the DNS server routes traffic to is UA-cam, openDNS cannot simply block harsh content from being viewed by the user. This is why UA-cam has content review teams which makes it so sickos cant post crude material on UA-cam!
amazing, i like it and many thanks
is openDNS or google dns the best for internet speed?
Hi Eli, Two questions first my initial thought it work on application as well as network layer correct me if I am wrong ? second proxy does the same thing why would we opt for opendns
Eli I love all your videos they are very informative. However this video with so much reference to XXX material was a bit distracting. It would of been best to reference "Scary monsters com Bad pictures com" I would of been less distracted lol thank you
:)
@SharingEqualsCaring you install a client program on you computer that sends your current ip address to openDNS site 25:45
Does using static ip address reduce your privacy?
after using the open dns to game and switching back to normal dns google keeps giving me a word to type in like what they do to make sure you are not a robot for every search...how can i fix this?
if i use opendns for home use can i use on just one computer
What is the benefit, if any, of using OpenDNS over a NGFW for web filtering?
ahorna1 from what I understand is it blocks it past the router, not the computer itself therefore it should be harder to get around it
Bonjour!Is it possible to block sites using just "Keywords" without using an extension: com, org, net, etc? It would be impossible to list all 'porn' sites or sites you want blocked. During the 'demo' it would have been helpful if you shown all the steps you did to get your system set-up. Some of us need all the pieces to the puzzle to make it complete or understandable.
does OpenDNS affect your ping in multiplayer games?
Thanks Eli.
Hello, just a quick question. Can I make someone's search go to a different website. Say someone on my server is trying to go to Facebook could I make them go to Google instead. Im trying to prank my employees just for moral boost. Thanks!
When you are first resolving your open DNS server, how can you ensure that you are directed to the correct OpenDNS server from the get go? Maybe I am missing some information here.
Roberto Caballero maybe some trace routes, simple querying, and good old social engineering.
Don’t forget wireshark
OK, I have a question, If you enter a IP address in your Browser, What will happen then?
please answer me OK? ;-)
यु आर द बेस्ट ।
you are awesome!
Hey Eli,
How would i use OpenDns if i have a dynamic Ip assigned to me by my isp?
Opendns supplies a ddns updater for this purpose. You install it on a server or machine on your network, and it notifies opendns of IP changes.
Thanks for the information Bryan.
Isn't it soooo simple just to change ur ip address with a simple proxy or tor?(forget about a paid vpn). Also what u didn't talk about performance of the free version. Also is it possible to make custom block page, "like blocked by the fbi"!. Do firewalls block using a similar method?. Are there free firewalls or dns services that does similar function with more customization?.
I am also looking for a firewall that has the capability and functionality of pfsense or sophos xg firewall or clear os but that can be installed on ubuntu 16.04 and windows 10 as package. Glasswire is not as powerful as clear os. On the linux side, zentyal server has lost a lot of gateway and firewall features, its not even installable on ubuntu 16.04. Now I could use a virtualbox, but its not efficient. Any idea on how to overcome this problem?.
I liked sophos xg firewall & utm 9, its free & does an excellent job, but I want to have a linux home server with this firewall & a bunch of avs on it along with the ability to have nas & multimedia services. Basically an all in 1: Firewall/gateway, nas & multimedia. How do I go about this?
Well Done. Thanks for your brain
It's exactly 1 year that I watch this.
Just to let you know, there's almost no sound on your right channel.
If you are running a Windows AD domain on your internal network, your clients must have a windows DNS server as their DNS setting or they can't login properly. How can you take advantage of something like OpenDNS if you can't point your clients to the OpenDNS servers? or can you??
The gateway has the OpenDNS configuration not the workstations. Watch whole video!
i would love to understand technically how the process of physically locating of the router can be traced using its ipaddress.
Can someone do this on a home network, or can you only do this on a company or work network?
Yes, you can do this on any network as long as you have access to the network.
you cab di this on any site you just need to have access to your home or work router to be able to change the DNS. Windows Homegroup is a network if all your user at home have the same workgroup you can share files and folders just like on a work network you just don't have the same level of customization as a work network.
to configure custom DNS on my belkin router, do i have to change the Wan>:Connection type from dynamic to static? The option to change the DNS is grayed out, even though the "get automatically from ISP" box is not checked.
So how would you setup openDNS on UVERSE device Motorola Model Number NVG589?
there does not seem to be a place to configure/change the DNS.
Maybe through the terminal/command prompt
DNS = Domain Name System
Not?
Eli , Do you work for CNN ? :) QC
i love open DNS but it blocked rockstars web site so it will prevent me to play online too
Correction - You say DNS is "Domain Name Services", but it's actually "Domain Name System".
Keep the vids coing man. I support your
Can't a knowledgable user w/ proper permissions edit his local host file and therefore bypass any openDNS restrictions?
In most network configurations, like enterprise situations, schools, etc., you would set up something like NAT redirection for port 53 so that no one on the specified subnets or interfaces can use any other DNS resolvers (i.e. 1.1.1.1 or 8.8.4.4), and all queries for DNS will be redirected to the specified DNS server for the network. The downside is that if VPN traffic is permitted, they can use things such as cloudflare WARP, which is a pseudo non encrypted VPN/DNS resolver in one, then they can tunnel out and use their DNS. Most users however will not go to this extent either because they don't know how to or the computers they work on will not have elevated permissions to change VPNs or DNS.
How does openDNS aid in hipaa security
Can open dns be used on a guest network while leaving the main network untouched
Chris Craig in my opinion, this would require a separate guest subnet or the system administrator would change the users configuration (DNS config) to another address (9.9.9.9) instead of googles DNS 8.8.8.8. So if guest user is pointing towards openDNS and then admin configured their machine to point towards another DNS then each user account would be using separate DNS servers. I hope this helps. Don’t forget, your router has parental controls ;)
lmao, analbuttrape.com!!! Subscribed!
Eli is pervy 😂
Eli ur funny! and great thanks for all the videos mate :)
But if you manually set dns servers on your workstation it will bypass this.
Can't the user just type another DNS server on his machine to stop the blocking?
you have to stop users from using any other dns servers though
How can I make my own personal DNS server so that I won't have to pay others for my domain name?
what if the blocked website's ip is in the local computers host file ?
did u found the answer??
the times i wish i have a mono headset
Amen (solo)!
Also, you are giving open dns company information about what your company visits on the internet, meta data profiling
was this linus tech tips before linus
ImposterChovie I prefer this over Linus. Not that I do not think Linus is bad but.. this has: a better sounding voice. Also, talks some funny shit backed with a ton of knowledge and experience. Also more in depth.
Спасибо за лекцию!
thanks very much ..it is brillante , can you please give us the name of one free OpenDns
thanks
It doesn't matter OpenDNS knows what sites you go to. I'm sure they can give that info away.
What is ironic is that you could probably use OpenDNS to tunnel through your employer's restrictions and achieve the exact opposite. :-)
AnalButtRape FTW!!
Zack123 how so?
My right ear feels lonely
When i'm at work i'll just do one of the following.
1. Use Tor browser bundle to bypass DNS.
2. Use a standard proxy.
3. Type the IP address of face book into my web browser, to by pass DNS re directions.
4. Find out here there blocking me.
This most definitely isn't where I parked my car.
Does anyone knows where the DNS server resides?
Naheem Sheikh google opendns website it will tell you where their servers are
also norton has a free dns server with various levels of security. also there is free malwarebytes anti-exploit free.. and also sandboxie , also free
video should have started at 25:32 - no need to watch the whole video for some folks. Very good video otherwise except for the constant mentioning of certain websites.
opendns and lifescribe pen changed my life!!!!! :D
But if I really want to go to analbuttrape.com and I know its ip (since I habitually ping it from home), OpenDNS isn't really gonna stop me, is it?
+Host Leaver Doesn't even has a chance at it ...
+Host Leaver It will stop you
Joel Lay Dude, it stops the DNS, not the ip. It is like blocking the child of the parent, the parent can still do whatever it wants.
Nope, i just pinged an ip address of a website that is blocked on my network, then entered the ip address it pinged into the address bar it still blocked it. e.g. proxy.org is blocked on my network. the ip address of proxy.org is 146.112.61.106. when i typed into address bar it still blocked. Opendns must of found a way of recognising ip's and matched it up with the normal address. So it stops both,
norton dns without a doubt
Lil tool boy Eli!!
the network's firewall should block all dns requests to other servers.
my left ear enjoined that
well, so clear
Wait did you just say domain name services?!
I really don't think this guy knows so much after what I just heard...
"DNS is an acronym for "Domain Name Services"; most people misuse the term for Domain Name Server. This is incorrect because one would not say Domain Name Server Server as in DNS Server, one would say Domain Name Services Server."
I think you're a good teacher. However, you should check your audio. It was one sided only. You used the phrase "Analbuttrape" so many times - it became grotesque. I had to turn it off. You can do better.
I think it's over there in my life
Бенчмаркднс показал что они самые быстрые.
Freudian DNS
Frustrated with employee time being wasted on social networking :P
cant watch this with my kids lol those examples