[ale] selective DNS server for DHCP clients?

Scott Plante splante at insightsys.com
Fri Mar 8 11:30:57 EST 2013 

Just keep in mind this would be fairly easy for her (or her tech-savvy friends you mentioned) to get around. She just needs to set her network settings to use a public DNS like 8.8.8.8 instead of whatever DHCP hands out. DHCP is more of a suggestion. You may be able to block outbound DNS queries from all but your router to thwart that. 

----- Original Message -----

From: "Pete Hardie" <pete.hardie at gmail.com> 
To: "Atlanta Linux Enthusiasts" <ale at ale.org> 
Sent: Wednesday, March 6, 2013 10:27:05 PM 
Subject: Re: [ale] selective DNS server for DHCP clients? 



A followup, for those interested in the results 


I think that I have found a working configuration. I currently have dhcpd running, supplying a few fixed IPs for my DVRs, and pointing them at my WIRNS server for replacement guide data, and I was able to set up another MAC-specific stanza to point 

my Nook to use my desktop as its DNS, which is handled by dnsmasq. I set up dnsmasq to map reddit.com to 127.0.0.1 and it appears to do what I want - fail to load that site. 


I could use dnsmasq to supply the DHCP, and may switch to that once I feel that everything else is working totally to my satisfaction 


Thanks again to all for the suggestions and war stories about blocking your kids' access! 




Pete Hardie 
-------- 
Better Living Through Bitmaps 


On Thu, Feb 28, 2013 at 3:24 PM, Ron Frazier (ALE) < atllinuxenthinfo at techstarship.com > wrote: 





Mike Harrison < cluon at geeklabs.com > wrote: 

>On Wed, 27 Feb 2013, Pete Hardie wrote: 
>> Thanks - I'll take a closer look and see if I can wrap my head around 
>it. 
>> and to the list - I think that dnsmasq will do what I want, since it 
>allows specification of a DNS server for the DHCP clients, and can be 
>configured to not 
>> be the DNS server for the host, leaving it to use the router and ISP 
>servers. 
> 
>A friend of mine with various ages of children has chosen to 
>incrementally 
>make internet access harder and harder. The two eldest children have 
>developed some serious network hacking skills as a result. His devious 
>goal was less about restricting access to online materials and 
>activities 
>and more about learning how things worked. 
> 
>His most recent step was physically unplugging at around 9-10pm 
>(time for bed),,. and his 14 year old boy discovered "pringles can" 
>antenna technologies as a result. 
> 
>The bad news, and why I know.. is he got enough signal to leach from my 
> 
>house.. where he got sniffed and monitored. I'm not exactly next door, 
>but 
>I am line of sight.. 
> 

No one leaches my wifi since it's encrypted. They could sniff it, but they'd get gibberish. 

Sincerely, 

Ron 



-- 

Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail. 
Please excuse my potential brevity if I'm typing on the touch screen. 

(PS - If you email me and don't get a quick response, you might want to 
call on the phone. I get about 300 emails per day from alternate energy 
mailing lists and such. I don't always see new email messages very quickly.) 

Ron Frazier 
770-205-9422 (O) Leave a message. 
linuxdude AT techstarship.com 




_______________________________________________ 
Ale mailing list 
Ale at ale.org 
http://mail.ale.org/mailman/listinfo/ale 
See JOBS, ANNOUNCE and SCHOOLS lists at 
http://mail.ale.org/mailman/listinfo 




_______________________________________________ 
Ale mailing list 
Ale at ale.org 
http://mail.ale.org/mailman/listinfo/ale 
See JOBS, ANNOUNCE and SCHOOLS lists at 
http://mail.ale.org/mailman/listinfo 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130308/d2dc96ad/attachment-0001.html>

More information about the Ale mailing list