0
I've Googled this but just keep getting either Windows related results or results relating to authenticating to a known network.
Basically, I have set my kids computers with Linux Mint and configured the wireless network with OpenDNS DNS filtering to enable only family safe sites (yes, I know it's not 100% reliable blah blah blah). They don't have permission to add new, or edit existing, network connections. They don't know my sudo password and they are not in the sudo group and they can't access the router admin page. USB ports are disabled.
I want to avoid them being able to connect to a wireless hotspot that might be activated on the phone(s) of one of their friends mobile phones when they visit. As it stands, all that it takes to bypass my network setup, USB deactivation (which prevents USB tethering of course) and OpenDNS is for them to scan for a new wireless hotspot running off their friends device and then they can connect to it.
So, I want to know how I can lock the system to only connect to the existing wireless connection running off my router, which I have controlled and configured and route through OpenDNS.
I also need to prevent them being able to add a VPN connection, which I think a regular user can do without admin rights? Correct me if I'm wrong.
Any ideas? (yes, I know I can't stop them accessing stuff when they are out and about etc etc and I know I'm being too protective - this isn't a post about family ethics or responsible parenting - it's about restricting and controlling as best I can what they access for the hours that they are home)
Gizmo_the_Great
Posted 2015-11-14T19:12:17.107
Reputation: 493
1You are aware that OpenDNS only protects DNS lookups, correct? it has nothing to do with the traffic going in and out of the router. You may want to look at installing something like Dansguardian, which would be running directly on the device. You may also be able to set the DNS server for the device to OpenDNS. I presume you have your OpenDNS account set up in your router to notify OpenDNS servers of your IP address, so it isn't 100% necessary to only limit the DNS lookups that go through the router, as you can just set the computer to directly query OpenDNS. – Paul – 2015-11-14T23:42:52.890
Yes - each computer has it's network settings setup to route through OpenDNS IP's. So my computer isn't filtered by it, but theirs is. And because they can't edit the network connections, this helps restrict their computers, unless they can connect to another wireless network, thus the question. – Gizmo_the_Great – 2015-11-15T08:17:26.213
1Although I've never tried it, I'm pretty sure a user without DNS can load a webpage by typing its IP address. – Paul – 2015-11-15T14:28:04.467
I appreciate the input, but the post is primarily about forcing Linux to connect only to one approved wireless device, instead of any that it can detect within its wireless range. Less about the ins and outs of OpenDNS. – Gizmo_the_Great – 2015-11-17T17:52:27.550