PPRuNe Forums - View Single Post - Home wifi and restricting others' usage
Thread: Home wifi and restricting others' usage
View Single Post
Old 4th February 2013 | 17:58
  #13 (permalink)  
Saab Dastard
Administrator
 
Joined: Mar 2001
: PPL
Posts: 8,121
Likes: 686
From: Twickenham, home of rugby
Mike,

The thread topic has been expanded by Tableview, so there's 2 questions being discussed - the OP's one relating to the "lodgers", and another relating to a work scenario.

As long as the "lodgers" have admin rights to their PCs, there's no way of preventing them from inserting whatever DNS servers they want in their IP config, and simply bypassing what's in the router or ISP.

If you could block outbound DNS queries on the home router and use the router as a DNS forwarder that could work, but there aren't many home router/firewall/switch/adsl modems/WAPs that support that level of functionality. And as already been noted, on some home devices you can't even specify a DNS server!

Both Mixture and PeterH suggest that you would actually have to provide a separate access method for "lodgers" to achieve the desired result, and I have to agree.

In a work environment a proxy is essential, combined with a firewall blocking ports such that all traffic MUST traverse the proxy. Whether the proxy is a dedicated device or a SW device (e.g. MS ISA server, sorry TMG) depends on budget and technical capability. DNS can be handled in a number of ways, but at least the administrator will have control of it.

SD
Saab Dastard is offline  
Reply
0