How to block DNS bypass.

You are here:
< Back


The number one technique used to bypass Internet content filters is to change a devices local DNS server settings, i.e. DNS Bypass.

How to prevent DNS Bypass.

Every device that can browse the Internet will have local DNS settings. If a savvy user has access to change these settings, they could bypass Kibosh web security. There are a few ways to prevent this.

Option 1: The Kibosh Router blocks DNS bypass by default.

NOTE: In addition to blocking DNS Bypass, Kibosh Router 2.0 blocks Tor, DoH and many Malware transmission ports for a very protected and worry free network.

Option 2 Outbound Port Forwarding: Using a private router – after you have configured your router with Kibosh Nameservers, and if this router supports outbound port forwarding, you can redirect UDP 53 (DNS) to port UDP 5353. This will force all outbound DNS queries to Kibosh’s servers at the router level.

Option 3: Upgrade your router’s firmware to Gargoyle, or DD-WRT. These router operating systems will add Enterprise grade features your SOHO router does not have. One of those features is an option to ‘force clients to use router’s DNS’.

NOTE: More information on DD-WRT can be found at ProPrivacy.com/Guides/DD-WRT.

Unfortunately, individual configurations are not something Kibosh is able to assist in supporting, as each firewall or router has a unique configuration interface and these vary greatly. If you are uncertain, you should check your router or firewall documentation or contact the manufacturer to see if this is possible with your device. If you would like assistance with your router please call support.


Internet Security and Parental Controls.

Tales from the blog!