StarDestroyer.Net BBS

I have absolutely no idea what I'm doing here, since I've always scorned the darned things. Regardless, I need some suggestions on internet filters for desktop PCs to prevent users from accessing the usual gamut of piracy/porn/etc. types of websites. It would have to be able to filter traffic on all three of the most popular internet browsers - IE, FF, Chrome. Possibly also downloader clients like torrents or whatever else may be popular. Is there any chance someone around here has experience with this sort of thing? Suggestions would be appreciated; from what I've seen a lot of the programs that come up on Google look like scams in the sense that they're milking clueless parents' money for a program that an intermediate user could bypass with no problem. Free options are a plus.

Do you have to do it on the clients? You could route everything through a proxy and just drop any traffic that you don't like.

That's very much outside my experience. Is there a tutorial anywhere or...? Also, would this allow filtering of prebuilt categories of websites or do I need to define the list myself? Sounds like the latter unless there is already software for it. I'm trying to prohibit a spectrum of sites, not just a couple.

It doesn't need to be specifically on the clients, though not every machine on the network should be filtered.

It seems internet filtering is mainly done through cloud filtering by a third party? Sounds horrible!

How many PCs are you looking to put this on?

1-3, depending on how things work out in the near future. If it makes a difference for there to only be one, then one it is. It is for home use.

I'd recommend Net Nanny, then. 60 dollars for a 3-computer license, a fairly shallow learning curve, high security compared to similar software (although it is fundamentally impossible to have true security against somebody with root access to the machine).

If you want /actual/ security, you don't want your users having access to the computers at all. Put them on consoles and run everything off of a server. That, however, is going to be considerably more expensive and require much more technical expertise to set up. If your end-users aren't the small fraction of the population who are going to just brute force your admin password off of a boot disk the first time they sit down at the machine, Net Nanny should suffice.

Who are we talking about restricting, here? Techies at an IT firm? Office workers and clerks? Teenagers? Children using computers unsupervised for the first time?

A relatively simple way of doing this would be to use OpenDNS to filter out certain classes of sites. Might not work with P2P, though.

HeadCreeps wrote:I have absolutely no idea what I'm doing here, since I've always scorned the darned things. Regardless, I need some suggestions on internet filters for desktop PCs to prevent users from accessing the usual gamut of piracy/porn/etc. types of websites. It would have to be able to filter traffic on all three of the most popular internet browsers - IE, FF, Chrome. Possibly also downloader clients like torrents or whatever else may be popular. Is there any chance someone around here has experience with this sort of thing? Suggestions would be appreciated; from what I've seen a lot of the programs that come up on Google look like scams in the sense that they're milking clueless parents' money for a program that an intermediate user could bypass with no problem. Free options are a plus.

Most routers have a whitelist mode you can put them into. To, for example, only allow access to sites based on domain, and you can use tlds, even.

So in my DIR-655 I gave access to
edu
mil
org (very few sites I was trying to block used .org)
google.com
yahoo.com
gmail.com

etc. Allow access on an as-needed basis.

I'm using OpenDNS for now since it's a free option and I can test the waters with it. P2P can be blocked at the user account level in Windows since I can just set those programs to not be allowed. Hopefully changing of IP/dns protocol can also be blocked via user accounts, but I haven't tried it yet. OpenDNS is a lot more hands-off than customizing my own list of sites, since I don't want to blockade anything except the offending site categories. Failing that, I have NetNanny to try out.

Thanks for the assistance.