On 4/11/2010, at 8:41pm, Jake Moe wrote: > ... > I've caught the 11 year old at home browsing sites he really shouldn't > be. I'd like to implement some sort of filter so that he can only > access "approved" sites, but myself and my o/h can browse whatever we > want. What is the best way to implement this? A firewall? Some sort > of web proxy? Something else?
This is something that you can do in all sorts of complicated manners. But it's really not realistic for one person to maintain a list of porn sites, and even updating lists that you obtain from elsewhere can be a chore. The best blocklists are sold on a subscription basis, and so on. The easiest way is probably to use OpenDNS, and sign up for an account with their filters. You can point your router to the OpenDNS servers and then it will serve DNS to all the client machines on the LAN. If you want to bypass it then you change the DNS on your own PC to point to an uncensored one. A very small minority of capable employees and teenagers are probably capable of bypassing most any restriction. Based on the OpenDNS suggestion, the next level of security is to block at the router all DNS packets from inside the LAN, unless they're going to the router itself (which gets its DNS from OpenDNS on the filtered account). Stroller.
