Similar solution to blocking things at your local recursive DNS resolver, assuming you have a captive pool of devices, let's say in 10.240.0.0/24) in a LAN, all of which are given DHCP addresses and DHCP-assigned DNS resolvers, and you're in control of a bind9 server that's on the same LAN.
Not going to prevent people with admin rights on their workstations from using another DNS resolver (or VPN, or whatever), but a fairly low effort solution.
Not going to prevent people with admin rights on their workstations from using another DNS resolver (or VPN, or whatever), but a fairly low effort solution.
https://community.jisc.ac.uk/library/janet-services-document...