PDA

View Full Version : Web Nanny Software for Linux?



Exodist
September 1st, 2009, 08:51 AM
I have a friend that is a pasture and wants to let his kids on the internet, but is in my taste a little over bearing thinking something is going to jump out at them at every corner.
Well anyway he has been running windows and after talking with him today, seems Linux would be better for him and he is very excited. I was wondering if there was anykind of web nanny type of software for linux that we could use to help block out porn sites and what not from his kids so he wouldnt have to stare over their shoulder while doing school work.

Thanks,
Exo

Viva
September 1st, 2009, 09:32 AM
Have you tried Ubuntu Christian Edition (http://ubuntuforums.org/forumdisplay.php?f=168)? It comes with dansgaurdian, a content filter.

Exodist
September 1st, 2009, 10:05 AM
I havent tried Ubuntu CE. Thank you for pointing that out. :-)

Bölvağur
September 1st, 2009, 11:52 AM
I think pop-up blocker should be enough for your son.
I highly doubt he'll ever willingly go onto a port site, specially if the pc is placed in the livingroom. So if that is true then there is a little need for dansgaurdian or any other website blocker.

Why do I say popup/ad blocker?
Well that is because even though the website that is advertising it self is being blocked, the popup isn't. I havent seen this in many years though, so even that might not be something to worry about.

But then we come to what you actually wouldnt want your son to see are internet shocksites like Goatse. Those cannot be blocked out as they are normally on many servers, put up for a short period of time, just to post a link on a forum or send via IM (msn, skype, jabber... etc) to give them a bit of a shock... or a bit of a vomit on their keyboard.

What I am saying, you'll have to trust him to be smart. But if his father is going to get Ubuntu CE just because 1 program is there instead of getting the standard package and compile it him self, then I worry no matter how many website blockers and even though if you have your own domain name service (look for openDSN). There is no way to block malicious content from people that just randomly click links.
Being smart = good
Being dumb = good... but not as good.. actually it's a tiny bit worse.

stwschool
September 1st, 2009, 12:32 PM
A very quick and efficient way is to change the DNS servers to use OpenDNS. I use it for our blocking at school to keep the kids focused on work, rather than chat/youtube/anything else of that ilk. They have a control panel which allows you to filter sites by category and individually, and it's constantly updated. I've got a script I picked up somewhere on my interweb travels which you can set to run once every 10 minutes if they're on dynamic IP, so as to keep things working. Let me know if you want it.

Btw, as Bölvağur said, your biggest problem is dynamic content (ie anyone can post goatse on here, it's a safe site though so no-one would block it). You'll have to trust him.

blueturtl
September 1st, 2009, 01:32 PM
Or you could install the BlockSite extension for Firefox (https://addons.mozilla.org/en-US/firefox/addon/3145) and just filter certain types of URL structures and keywords.

wildman4god
September 1st, 2009, 01:41 PM
A better way is to use a router with the filter built in, so that way no matter what os or device he uses even if he boot a live cd it will protect him. Check it out here. (http://residential.iphantom.com/)

Question: How tech savvy is the pastors kid?

Dragonbite
September 1st, 2009, 02:01 PM
If they want to lock down his internet activity they could also use Glubble (http://www.glubble.com/).

This is just one of a few. Recently there was an article that reviewed like 5 of these type applications/sites but I don't remember from where.

frrobert
September 1st, 2009, 03:53 PM
A better way is to use a router with the filter built in, so that way no matter what os or device he uses even if he boot a live cd it will protect him. Check it out here. (http://residential.iphantom.com/)

Question: How tech savvy is the pastors kid?

You may not need a special router depending upon your current router. If you use Open DNS you just set the DNS settings in the router to Open DNS and many routers support sending your new ip address to open dns if it changes. You just need to configure the router.

That way the open dns filter is always in place no matter what is done on the computer.

jamest09
September 1st, 2009, 04:38 PM
Dansguardian

wildman4god
September 1st, 2009, 04:50 PM
You may not need a special router depending upon your current router. If you use Open DNS you just set the DNS settings in the router to Open DNS and many routers support sending your new ip address to open dns if it changes. You just need to configure the router.

That way the open dns filter is always in place no matter what is done on the computer.

the specific router I suggested has a much more complete filter solution, an incomplete filter is as bad as no filter at all, I have tried opendns and it has no ability for white and black list in case in over or under blocks websites. and dansiguardian can be easily turned off or uninstalled and the reason I asked how tech savvy his kid was, if he knows about linux live cd's he could just use that to by pass a filter installed on the computer he's on, thats why I perfer a hardware based solution, besides the router I suggested is actually a wireless a, b, g, and n router for $40, which is pretty cheap for a wireless n router.

Dragonbite
September 1st, 2009, 06:30 PM
I use a second computer with 2 NICs and IPCop and DansGuardian installed.

It is right off the modem, and the wireless hub in on the "inside" of the network. That way anybody getting on my network (wired or wirelessly) has their internet activity pass through the content filter.

This also means, a LiveCD will not bypass the parental controls installed and set up on a computer. Neither will be a friend bringing their laptop or iPod touch into the house.

The only way to bypass is to re-route the network cables from the IPCop box to directly into the router/switch.

So my next move is to place all of that (phone line converter, DSL modem and IPCop box) into a cage so the only internet access anybody has is the cable dangling out of the cage.

That is, once they find it... :)

frrobert
September 1st, 2009, 07:05 PM
the specific router I suggested has a much more complete filter solution, an incomplete filter is as bad as no filter at all, I have tried opendns and it has no ability for white and black list in case in over or under blocks websites. and dansiguardian can be easily turned off or uninstalled and the reason I asked how tech savvy his kid was, if he knows about linux live cd's he could just use that to by pass a filter installed on the computer he's on, thats why I perfer a hardware based solution, besides the router I suggested is actually a wireless a, b, g, and n router for $40, which is pretty cheap for a wireless n router.

I totally agree with you a hardware solution is the best. That is why I suggested opendns using the router.

You may not have tried opendns in a while but it does support white and black lists

The advantage of Open DNS is cost if you already have a router that will deal with the dynamic ip address update issue the cost is $0 versus $40 bucks for the new router and the $60 a year subscription fee for the product you suggested.

steveneddy
September 1st, 2009, 07:30 PM
pasture?

A field has children?

That surf the web?

Amazing....... O_o

oldos2er
September 2nd, 2009, 01:07 AM
pasture?

A field has children?

That surf the web?

Amazing....... O_o

Maybe he's a Louis Pasteur...? :)

aktiwers
September 2nd, 2009, 01:43 AM
http://www.opendns.com/

Xbehave
September 2nd, 2009, 03:31 AM
opendns can be bypassed by looking up sites with dig and then going straight to the ip

The ideal solution is doing the blocking on the router, but it sounds a lot like effort. In addition if the PC has wireless and there are opn/wep access points nearby then without securing root you've done nothing!

No matter how tech savey the kid is, if you secure root*, he will not be able to turn of DansGuardian/etc

*This includes bios password,grub password,etc

doorknob60
September 2nd, 2009, 04:33 AM
A better way is to use a router with the filter built in, so that way no matter what os or device he uses even if he boot a live cd it will protect him. Check it out here. (http://residential.iphantom.com/)

I had one of those, and sadly, I can't recommend it. It filtered things good and all, but it slowed the internet speed down significantly (I got speedtests in the 2mbps range instead of the 7mpbs range like I do now). I'm sure it was a bad unit or something, but yeah. I do how ever recommend OpenDNS (http://www.opendns.com/), which is free and will work with almost any router, and with password set up right, it can be just as effective as an iBoss. I use it and my internet's actually faster. And ironically it actually filters stuff better too IMO, and it has a better interface. I do recommend it :) As long as he's not like an uber-nerd that's desperate to get to a blocked site it will do fine.