The number one technique used to bypass Internet content filters is to change a devices local DNS server settings to open servers, i.e. DNS Bypass.
How to prevent DNS Bypass.
Every device that can browse the Internet will have local DNS settings. If a savvy user has access to change these settings, they could bypass Kibosh web security. There are a few ways to prevent this.
Option 1: The Kibosh Router or 360 blocks DNS bypass by default.
Option 2 Outbound Port Forwarding: Using a private router – after you have configured your router with Kibosh Nameservers, and if this router supports outbound port forwarding, you can redirect UDP 53 (DNS) to port UDP 5353. This will force all outbound DNS queries to Kibosh’s servers at the router level.
Option 3: Upgrade your router’s firmware to Gargoyle, or DD-WRT. These router operating systems will add Enterprise grade features your SOHO router does not have. One of those features is an option to ‘force clients to use router’s DNS’.
Unfortunately, individual configurations are not something Kibosh is able to assist in supporting, as each firewall or router has a unique configuration interface and these vary greatly. If you are uncertain, you should check your router or firewall documentation or contact the manufacturer to see if this is possible with your device. If you would like assistance with your router please call support, or check the forum.