Keep Your Family Safe On Your Home Network

Рет қаралды 16,766

Күн бұрын

Пікірлер: 88

@YorranKlees 6 ай бұрын

I would like to suggest another way, one that will not need to edit the router nor any computer. This is my setup at home. - Get a low-end PC for your LAN, install Linux. - Setup a DNS server, a DHCP server and a proxy. - Fine-tune what you want to filter, lists are available online. - Disable your router's DHCP server. Voilà! No need to edit anything else on your LAN, all equipments will work, you bypass your router settings and your internet provider surveillance. By doing so, you also want to setup your DNS server to something else than Google if you value anonymity. It does take time to setup everything, clearly. But once it's up and running, you just forget it's there.

@nadtz 6 ай бұрын

Even better set your DNS up as recursive and cache everything from authoritative servers, bypass all those public DNS servers entirely.

@YorranKlees 6 ай бұрын

@@nadtz Nice one !

@supremerulah420 6 ай бұрын

Yup, you can have security or convenience. Usually not both at the same time. 👍

@YorranKlees 6 ай бұрын

@@supremerulah420 Well, my setup provides security and convenience. It's a one-time hassle, and it's done. :)

@supremerulah420 6 ай бұрын

@@YorranKlees Hence the word "usually" 😊

@earthoid 6 ай бұрын

Thank you! I never would have been able to figure this out on my own.

@gotbordercollies 6 ай бұрын

You always find the most helpful tips - Thanks

@CrisTheGreek 6 ай бұрын

Thanks bro.. this is a must on our day's..Keep moving 😉

@X-FAKTOR84 6 ай бұрын

That's pretty good. Some routers have firmware in which there is a built-in option for a family network, and there can also be a restriction. But with my firmware I have to enter every single site I want to ban and with your help I think it will be much easier to restrict. Thanks 👍

@NTPTM 6 ай бұрын

Hej thanks for the video! I'm a new subscriber. You have a very good channel with news, tips, and tricks. I'm from Sweden. Take care and have a lovely day!

@PlayF0R3V3R 6 ай бұрын

Keep in mind that a VPN is going to bypass this

@claudiafischering901 6 ай бұрын

Nice thing. To stop a computer to use the dns 8-8-8-8 than made a entry in your hosts file to block it there and your openDNS always should take effect on this device. I have not tested,yet - but I think it should work. I will try it later. Thanks for sharing - To keep my mom and dad secure for any kind of bad things. ^^

@_Heth_ 6 ай бұрын

I use a Palo Alto VM Firewall and block all DNS traffic on the network then place an allow rule at the top and allow specific DNS servers that way they can use any other DNS servers and also blocks DNS tunneling used by some apps. I also do SSL decryption on all the Kids PCs.

@AMD627 6 ай бұрын

A staggering number of parents do not use a parental filter on their kids' computers. Not to be a spoilsport, but what this means is that blocking your kids is basically pointless when all it takes is for them to have a friend/classmate who has an unblocked device.

@Eternal_Tech 5 ай бұрын

Yes, that is a good point. I am not a parent, but if I was, I would rather have a high level of trust between my children and me than finding the desire to block information from them. In addition, I would be more concerned with them posting inappropriate pictures of themselves online, sending inappropriate content to others, and communicating with potential predators than passively watching content that others make. These concerns would require trust and communication, and blocking sites would not be very helpful in this regard.

@keepingup2952 6 ай бұрын

Cool, a new episode! I wonder who today's sponser is.

@s.eremin 6 ай бұрын

Well, my ASUS router with Asuswrt-Merlin firmware has an option "Prevent client auto DoH", where DoH stands for DNS over HTTPS. This is exactly the protocol used when you enable Secure DNS in a browser. I did not actually test this feature, because I have no need for it, but I always knew it was there. To my mind, a certain amount of modern routers should have this feature available.

@incandescentwithrage 6 ай бұрын

It doesn't work to prevent anyone from manually enabling DoH in the browser, so is pretty much useless.

@yourpcmd 6 ай бұрын

In today's world, you should absolutely block Disney.

@summerbee80 6 ай бұрын

why?

@Kryptokoz5555 6 ай бұрын

Will this work with a Starlink router? Thanks

@SametKaratas-db1xu 6 ай бұрын

9:59 Huawei modem is not allowed to change dns address

@kuhrd 6 ай бұрын

At this point, if you live in any country, other than China, you probably should not be using any cellular, internet or wifi connected Huawei products anymore.

@NLGeebee 6 ай бұрын

26:58 what about blocking the google dns ip as one of the rules in your opendns settings?

@JasonWestaway 6 ай бұрын

Thanks, Rich for the video. Quick question.. what if the router you have is ISP-locked. I doubt the ISP would like things changed on their routers. Thanks!

@CyberCPU 6 ай бұрын

Typically on those I would just put them in bridge mode and get yourself an aftermarket router. It will essentially render your ISP router as just a modem and you would use the Wi-Fi and routing capabilities of your aftermarket router instead.

@JasonWestaway 6 ай бұрын

@@CyberCPU Thanks! Rich Till the next video.

@BenedictChrysosthomos 6 ай бұрын

I find a solution on a RaspberryPi, for example Unbound plus Pihole, more usefull, as it works with more routers.

@ikkuranus 6 ай бұрын

I don't think you have to worry about your wife. She will just see the generic error message and be even more clueless than the kids.

@FulfillMyWill 6 ай бұрын

Correct me if I'm wrong, but you can bypass this with hosts file. It has a priority over DNS. Also at 7:52 ERR_CERT_AUTHORITY_INVALID is a huge red flag. Why it forces its own certificates to you instead of giving "unable to resolve" error?

@incandescentwithrage 6 ай бұрын

It's going to give you a site blocked page rather than just not resolving. Prevents confusion - is the site down or blocked. Obviously the cert on the internal site blocked page isn't going to have a SAN matching the blocked site, hence the cert warning.

@tommyking626 6 ай бұрын

Cert authority means they did a redirection (dns poisoning) to their own dns. You can try using doh to bypass that

@Crawlerbasher 6 ай бұрын

I use Next DNS and it even blocks ads on the dns level.

@FoxWolfWorld 6 ай бұрын

I think exposing your kids to Disney is probly as bad as if not worse than pr0n

@bobkozlarekwa2sqq59 6 ай бұрын

What is so bad about Disney?

@AMD627 6 ай бұрын

In the early days of the internet, if you clicked no when pr0n sites asked if you were 18, you got redirected to Disney's website.

@gambiit08 6 ай бұрын

Cause he thinks it's 'woke'. He's a pathetic conservative snowflake @@bobkozlarekwa2sqq59

@Shifo_47 6 ай бұрын

I salute you I stopped watching anything from Disney

@Mr.QuantumC0re 6 ай бұрын

Corn…

@BlockVentures 6 ай бұрын

The WRT 54G was SO BAD to use, I HATED it, I had to CONSTANTLY reboot the darn thing at LEAST once a month,not ONLY that, it NEVER gave me its fullest capable speed AND it dropped packages all the time, making the internet STUPIDLY unstable and it all went away when I switched to some D-Link I can't remember which, since then, in my eyes Linksys is and FOREVER WILL be the bane of my existence, same goes for Cisco home routers, the rack mounted ones are amazing though. Only ever had ANY consistency with D-Link home routers.

@JodyVanStaden 6 ай бұрын

Yo brother hope you are well ... Listen i got a problem with my ram like i tried everything to fix this 16GB Ram but only 10GB usable and can't seem to fix the problem and i tried everything Do you maybe know what i could do

@ibsamsonov 6 ай бұрын

I blocked inappropriate content to my kids, and it worked until they discovered public VPNs. VPN clients pass by DNS blocks, and all my efforts are useless now. Any ideas?

@SametKaratas-db1xu 6 ай бұрын

Also enable anti hidden feature on OpenVPN to block vpn

@incandescentwithrage 6 ай бұрын

@@SametKaratas-db1xugibberish

@rogernordseth8060 6 ай бұрын

Using UDM-Pro/Pihole/Adguard Home problem solved, but the cost is a bit higher than a DD-WRT. Only Phole and Adguard resolves DNS

@tommyking626 6 ай бұрын

Use mikrotik then/pihole very cheap

@economicalphabet2054 6 ай бұрын

Ob your Windows 10 and 11 wont work. Help you Fix Video. Do I loose my files. Hello sir. Are my previous files kept and saved. I don't want to loose. I know you dont check past video but please let me know.

@kablammy7 6 ай бұрын

you think that password requirement is crazy - for almost 20 years - i had a plain lowercase 5 character password to ups - then about a year ago - they made me change it and they require the longest password i have ever seen - 12 characters

@Rayu25Demon 6 ай бұрын

what if you used 587 TSL port ? will it works as well ? 16:04

@incandescentwithrage 6 ай бұрын

587 is for client submission of email using explicit TLS, so no.

@Rayu25Demon 6 ай бұрын

@@incandescentwithrage thanks

@DanSnipe-k8o 6 ай бұрын

Can kids use a VPN to get around this?

@Rayu25Demon 6 ай бұрын

yes you need to block the defaul DNS port 53 and block VPN ports like OpenVPN - 1194 TCP/UDP PPTP - 1723 TCP/UDP L2TP - 1701 UDP Cisco IPsec - 1293 TCP/UDP, 500 TCP/UDP IPsec/IKEv2 - 500 TCP/UDP IPsec Nat Traversal - 4500 UDP SOCKS proxy - 1080 TCP im tying to block them in tp-link router if it works i will tell you

@eenblatigerdenblatiger1622 6 ай бұрын

can someone help me enable secure boot? it's just stuck on disable, i cant change it.

@supremerulah420 6 ай бұрын

@@eenblatigerdenblatiger1622 From Easus website... (No affiliation) Why can't I enable Secure Boot? Your system might be using outdated UEFI firmware that doesn't support a secure boot option. Also, it might be possible that this option isn't enabled in UEFI firmware settings. If any of these issues are there in your system, you will not be able to see the secure boot option in BIOS.Jan 11, 2024

@ethimself5064 6 ай бұрын

Apparently I have 3 firewalls - Modem(wired, Bitdefender and Windows Security is on.

@crazman123 6 ай бұрын

What about for linux users?

@ethimself5064 6 ай бұрын

Our Provincial government got hacked a few months ago(certain departments) and now a 5 factor. 😱🤣🤣🤣

@Suchiiiiixzn 6 ай бұрын

please make a video on disk , my disk is always at 100% please help

@EarthPlusPlastic 6 ай бұрын

Raspberry Pi 4B 4GB running AdGuard in DNS Forwarding mode. Doesn't matter if my ISP IP address changes. Bypass ISP entirely.

@xxTexas_outlaw71xxttv 6 ай бұрын

Quit giving me bad ideas my wife does have Facebook. 😂

@srvuk 6 ай бұрын

I can think of a very good reason to block humour. When you look at the number of unfiltered videos on KZbin alone, where every swear word and profanity is available to all children, with zero moderation by KZbin, then you can understand some parents needing to take matters into heir own hands, which sadly restricts some child friendly content. It is ironic that it is adults that are responsible for such irresponsibility.

@Eternal_Tech 5 ай бұрын

I am not a parent, but I do have a nephew. When he was elementary school age, my nephew liked to watch gaming videos on KZbin, but many of these videos contained profanity. However, he was told that he was permitted to watch these videos, but he was not allowed to use obscene language himself. He was admonished that if he did use this inappropriate language, then he would be no longer allowed to watch these videos. He is now 15-years-old and he does not use profanity, at least at home. Rather than blocking content, it would probably be better for parents to explain why certain things seen in videos, movies, etc. should not be emulated. After all, the average child probably hears swear words from his/her peers at school and content filtering would not solve this type of exposure.