openDNS and Blocking port 53

So I've started using openDNS on my router. I know that it's probably not very popular here but I really like the content blocking options it gives me. I now feel safer letting my kids use their Kindles, Nooks, iPads, iPods, PS3, xBox, and Smartphone's on my network. It also helps protect my network from sites that load Trojians and other Malware. Everything is controlled at the router level and not at each individual client. Also with my Netgear n900 router I can run a small resident program to bypass the blocking using a password if needed. Of course the coolest thing is all this is free.

One problem is that I found that in about 30 seconds I could easily bypass the router's DNS blocking on the client device (iPad was used. I'm not going to publish how it's done incase some low tech kid does a Google search. Anyone with a simple understanding of DNS will know what I did). It was just too easy. I then remembered that DNS uses port 53 and so I blocked that on the router's firewall for all client devices. The router is the only device that has access to DNS and it's forced to use the openDNS IP address with blocking and parental controls enabled. Now I can't get around the DNS and blocking without knowing the router's login and password. This is good.

Fellow Geeks, Are there any other changes to my settings that I should be doing to tighten up bypassing the router's DNS address filtering?

 

If your kids are smart enough to muck around with DNS IPs to bypass some filtering you've set up, then you're in for a rough ride

 

haha i always wonder if I'll have kids as nerdy as me...

if they discover the Tor Browser...well thats one way around DNS control. Plus, if they know how to change DNS settings in Windows they could easily change it to a DNS, like Google's DNS service.