[GLLUG] content filtering

Richard Houser rick at divinesymphony.net
Thu Apr 3 03:06:38 EDT 2008 

Only if you allow access to non-standard ports...  It sounds like you 
have a problem child here.  As far as firewall rules, think blocked by 
default, not the other way around...

Michael George wrote:
> The off-site proxy servers also run on non-standard ports, too, so the
> firewall rules for transparent proxying would also be circumvented, right?
> 
> 
> On Mon, March 31, 2008 6:07 pm, Nathan Hartley wrote:
>>> It's time I get more serious about content filtering at home, now that
>>> my
>> kids are able to get online.
>>
>> I am interested in this as well...
>>
>> I have five children and have been struggling through a similar situation
>> for a while now. My oldest despises restrictions, you know things like "do
>> not installing malware", "do not enter random URLs i.e.
>> www.YourSistersName.com", "do not enter your entire life history into
>> every
>> survey you find on the net" and "do not use web proxies". Though she did
>> get
>> a lesson once when one of the web proxies used her MySpace credentials to
>> vandalize her profile.
>>
>> For me, it not just about protecting my children, it is also about
>> protecting my PCs and home network. And besides, I believe it is
>> irresponsible for parents not draw a line somewhere on these issues.
>>
>> I have ran DansGuardian on an old machine but it was way too slow and I
>> had
>> to "tweak" it often too prevent false positives and negatives. I have
>> heard
>> rumor that it is possible to pay to receive category lists, which might
>> help
>> with the accuracy. I had plans to turn an old server into an Astaro
>> gateway
>> server, as they offer the software and updates free for home use, but
>> after
>> wrestling with it several times and again just this last weekend, the
>> machine appears to be incompatible with their installer. With no error
>> messages, I am guessing the old RAID controller is giving it fits.
>>
>> Right now our main PC, which has to run Windows for various reasons, is in
>> the living room near the kitchen and is running the free K9 Web
>> Protection.
>> Our Ubuntu "homework" PC in the basement is locked down to a select few
>> sites using Dan's Guardian.
>>
>> I am thinking I may have to invest in a decent, low energy, machine to
>> setup
>> as a content filter or install Dan's Guardian on my MythBuntu box.
>>
>> As far as OpenDNS, it works, but is easily defeated by using using IP
>> address. Which wouldn't block my daughter from using a list of web proxy
>> sites IP addresses she got in computer class.
>>
>> In the end I am looking for a centrally managed filter that doesn't get in
>> the way and causes my wife and kids to look for back doors (which are
>> often
>> just as dangerous as the sites they may stumble across).
>>
>>
>> Astaro
>> http://www.astaro.com/our_products/astaro_security_gateway/software_applianc
>> e
>>
>> Another Astaro-like option
>> http://www.clarkconnect.com/info/features.php
>>
>> Blue Coat K9 Web Protection
>> http://www.k9webprotection.com/
>>
>> -----Original Message-----
>> From: linux-user-bounces at egr.msu.edu
>> [mailto:linux-user-bounces at egr.msu.edu]
>> On Behalf Of Michael George
>> Sent: Monday, March 31, 2008 2:16 PM
>> To: linux-user at egr.msu.edu
>> Subject: [GLLUG] content filtering
>>
>> It's time I get more serious about content filtering at home, now that my
>> kids are able to get online.
>>
>> I know there is the dansguardian/squid proxy filter, but I don't want to
>> jump immediately to an approach that requires another computer.  I use
>> LTSP for myself and for the kids, so we're all on the same system
>> (therefore I can't just use mine as the proxy server).
>>
>> I've heard of OpenDNS for DNS-level filtering, but I'm not sure if that
>> will have some loopholes that I hadn't though of...
>>
>> I should have thought ahead more when I got my router.  I put in a Linksys
>> WRT54GL running dd-wrt just recently.  I'm happy with it so far, and it
>> will facilitate a transparent proxy, but it doesn't implement one.  Since
>> I only use it for basic router and firewall tasks, it would be nice to
>> have a content filtering proxy built into it.
>>
>> Anyone here have opinions/advice?  Thanks!
>>
>> -Michael George
>> _______________________________________________
>> linux-user mailing list
>> linux-user at egr.msu.edu
>> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>>
> 
> 
> -Michael George
> _______________________________________________
> linux-user mailing list
> linux-user at egr.msu.edu
> http://mailman.egr.msu.edu/mailman/listinfo/linux-user

More information about the linux-user mailing list