Router DNS keeps changing

meanman

Active Member
Hi i have a mate who runs a small bed and breakfast it only has 5 bedrooms so he is using a domestic router (Linksys), he has been using OpenDNS for over a year to make sure no guests can brows certain websites and it has been working fine until last week when he told me it had stopped filtering the blocked websites, i went round and reset his router then i added the correct DNS setting provided by OpenDNS and i changed the WIFI password and the router login password and everything was working fine again, now only one week later you can brows all the blocked websites again so i am assuming the DNS has been changed again.
I will be going to his business in the next couple of days to have another look so any advice on how to beef up the security on the router and how to tell if it is infected would be very helpful, thank you for your time.
 

beers

Moderator
Staff member
Make sure it's on the latest firmware, a bunch of Linksys models suffered from a bug where you could easily capture device credentials.

What did the device look like after the change, or did you blindly reset it to defaults?
 

meanman

Active Member
Hi my mate could not remember the router login so i had to just reset it so i didn't get to poke around in the settings.
 

beers

Moderator
Staff member
No worries m8

Also, unless he's blocking DNS outbound then anyone can just change their own DNS reference to circumvent the filtering as well.
 

AdmnPower

VIP Member
You could put in a small software appliance firewall. Sophos has several options available that will install on standard computer hardware. As long as you have two network cards in the computer, one for WAN and one for LAN you're good to go. You'd probably have to get a switch as well.

As for your issue with your current hardware, I wonder if it isn't because you have a dynamically assigned IP address from your internet service provider. If you setup a custom filtering profile on openDNS and your public IP changes then the filtering policy will no longer apply. They provide a little IP updater application that you can use to keep things up to date, just download and install it on a computer that's on most of the time and once install login to your account.
 
Top