0

NextDNS can easily be bypassed on Macbook

Hi all,

Just realised my teenage child has worked out they can go into the macbook air settings and navigate to the wifi network and manually enter a new DNS address to bypass. I might be wrong but I'm sure when I first set NextDNS up this was all locked down. If I set it back to 127.0.0.1 then it starts working again. But they will just revert it back now they know they can.

Is this normal or is something setup wrong. I removed and re-added the profile but still the same.

Thanks,

Aaron.

7 replies

null
    • John_M.1
    • 1 mth ago
    • Reported - view

    That's expected - your only option is to prevent their account on the mac (or create a new account with fewer permissions) from being able to change that setting.

    • Luna.1
    • 1 mth ago
    • Reported - view

    The easiest way to bypass the DNS is to use DoH with IP in the browser, i.e. https://1.1.1.1/dns-query. Every primary school pupil knows this trick by now.

    • Aaron_Lovell
    • 1 mth ago
    • Reported - view

    Thanks John,

    Guess the kids are about to hate me even more.

      • John_M.1
      • 1 mth ago
      • Reported - view

      What Luna said is true as well - if you're kids are really trying to get around your blocks, they may succeed, unless you're able to also block well-known dns providers like 1.1.1.1, 8.8.8.8, etc., which requires a router with configurable firewall.

      Good luck!

    • Aaron_Lovell
    • 1 mth ago
    • Reported - view

    Well I setup NextDNS as it covers everywhere, not just when they are on wifi. Otherwise they just hotspot off their phone and bypass it. So sounds like NextDNS isnt as good as i thought. Just feels like a never ending battle

    • Iko
    • 1 mth ago
    • Reported - view

    False.. "The easiest way to bypass the DNS is not to use the SERVICES!". 

    1. Disable the Apps,
    2. Change DNS settings from nextDNS to cloudflare DNS, in systemOS or browser
    3. by Using Proxy or VPN with settings or apps

             = means Your Not Using their Configuration and/or Sevices.
     

    You can use RECOMENDED configuration for macOS device by click ON YOUR Apple Conf Prof Generator ---> link.  And check the four item, and click Download button, it's only download a file configuration for your Mac. Next follow the instruction ON your Mac.

    THIS ONLY FOR HARDENING YOUR NEXTDNS SETUP ON YOUR MAC PC.

    • Iko
    • 1 mth ago
    • Reported - view

    ** Extra

    My macOS dns setup is automatic DHCP, and trying to block everything on my NextDNS dashboard. You see the result. I use browser FireFox without proxy and other VPN things.

    note: "My ISP don't have IPv6 connection, and they/my country have sneaky blocker."

    The schema is:

    Router    --------  auto DHCP Relay   --------> my MacOS/Device

Content aside

  • 1 mth agoLast active
  • 7Replies
  • 297Views
  • 4 Following