OpenDNS Family Shield – Simple internet filtering for families

There’s been lots of debate recently in Australia regarding the compulsory Internet filter the government is currently working on. For this article, I will be putting that debate aside and focusing instead on the simplest way to protect your family from the less desirable aspects of the Internet.

First of all you need to understand that any Internet filtering (yes, including the government’s) can be circumvented given enough time and effort. So if you really want to keep your kids safe from the nasty parts of the Internet restrict them to browsing only in a communal area – like the family room or kitchen where others can always see what that are doing. However, in this modern era of portable devices and wifi, this solution is not always practical and so a filter is the next best option.

I have tried many software based filters (a program you install on your PC) and they all suffer from fundamental flaws:

  1. False positives. Declaring something “bad” when it isn’t.
  2. Speed. All browsing must go through the filter and be checked. This takes time and can seriously impact your speed.
  3. Easy circumvention. All of the software solutions I tried could be avoided by anyone older than 10 year old or take so much “locking down”, they are impossible to configure properly by untrained, time-poor parents.
  4. Cost. All of the solutions charged something per month or per computer as subscriptions like many virus scanners.

So software based internet filters cost too much and simply just don’t work and a better alternative is needed.

One popular and technically elegant solution is something called OpenDNS. It requires no software, is very reliable, fast, free and completely customizable.

OpenDNS utilises a basic feature of the Internet – the Domain Name Service (DNS).  DNS is just a way of translating domain names from human form to something computers understand – a series of numbers known as an address. It works like this, you enter a domain name into your browser – e.g., your browser immediately sends the domain portion of it ( off to its current domain name server which translates the name into an address which looks like Now your browser can connect to this address and show the site’s home page. Simple, cool and works – billions of times a day.

For most people, their Internet Service Provider (ISP) provides the DNS service and it is automatically setup when their router/modem initially connects. That’s the “default” setting – but it doesn’t have to be that way.

OpenDNS works by providing an alternate DNS service that only does the name to address translation for sites which are “allowed”. If a site is “not allowed”, the user is presented with a page saying “This domain is blocked because it contains….” instead. To make the service truly open and egalitarian, OpenDNS leave it up to their user community to categorize web sites. People “vote” on how a specific site should be categorised – enough votes and the category will be applied to the site. You get to decide which categories of web sites you will allow on your network and those you will not.

As long as you agree with the majority, you can pretty much rely on OpenDNS’s classification of websites. Its all open and public – there are no secret black lists managed by classification bureaucrats. And, if you don’t like the classification of a particular site you can override it specifically for your network.

Setting up OpenDNS is simple. All you need to do is tell your browser to use their DNS service rather than your default service provided by your ISP. You can do this on each PC if you want but its tedious and easier to workaround. The best and most secure way is to change the settings in your router as that will ensure everyone in your household will be protected – including all the wifi connected devices.

To configure your router you need to connect to it and login. If you are unsure how to do this, check the manual or start up guide that came with the router. If you have lost the manual look up the model number on the Internet – most are available for free download.

Usually, your router can be configured through a browser. You just need to know what address to enter. Its usually something like or or etc… If you get it right you will be prompted for a username and password. You need to enter the admin username and password for your router. If you have not changed the default it will be admin/password or admin/admin.

OpenDNS have a great online guide here for setting up their family shield product on a variety of routers.

Once you have made the changes do a simple test by trying to point your browser to a site that should be blocked – eg If all is good, your attempt should be blocked.

OpenDNS Family Shield only blocks adult sites and proxy services (which kids can use to get around filters) and if you want to block other sites (like chat, video) etc you may want to upgrade to OpenDNS Basic (which is also free). With the OpenDNS Basic service you get to decide exactly which categories of web site you will allow and those you will not.

With such an elegant solution already available for free for those who want it and can be bothered, one must wonder why the Australian Government continues to persist with its expensive compulsory ISP based filter solution.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>