[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Sheflug] content rating?




> -----Original Message-----
> From: shef-lug-admin [at] list.sheflug.org.uk 
> [mailto:shef-lug-admin [at] list.sheflug.org.uk] On Behalf Of 
> Marcus Hanwell
> Sent: Friday, January 09, 2004 9:07 AM
> To: shef-lug [at] list.sheflug.org.uk
> Subject: Re: [Sheflug] content rating?
> 
> 
> On Fri, 2004-01-09 at 03:19, Denis Nikitin wrote:
> > Hi All,
> > Can somebody recommend a good way to
> > put content rating in place on sites children can surf?
> > I found that curiosity of my little ones is unintentionally 
> can lead 
> > them into
> > wrong places on the net.
> > Any pointers as I am complete newbie to this?
> > I only can guess of some proxy config. 
> > Is there any proven solutions how to do it? 
> 
> Hi,
> 
> I have put a squid proxy in place in a few of the companies I 
> consult for. This involved setting up squid, and then using 
> Squid Guard (http://www.squidguard.org/), and Ad Zapper
> (http://adzapper.sourceforge.net/) as I don't like banner ads 
> much either.
> 
> Squid Guard comes with it's own blacklists, and you can 
> enable any sites it wrongly blocks. You can also take the 
> opposite approach and deny access to all sites on the net and 
> then selectively enable sites you approve of...
> 
> If you use a username/password authentication scheme for 
> squid you can have no restrictions at all on your viewing of 
> the web, or when you are with them, but greater restrictions 
> when you aren't there.

I use squid and squidguard for the office. When my little lad gets his
own machine, I'd planned to restrict the host entries to things like
www.nickjr.co.uk, www.bbc.co.uk, www.littlerobots.com,
www.bobthebuilder.com etc and disable DNS lookups. The only maintenance
would be then making sure from time to time that the IP addresses and
domains remained consistent.

Obviously, this may not be entirely practical in a shared system
scenario.

The suggestion for user/pass authentication on squid would also work,
and my restricted site list could be set up within squid.conf with a few
access lists.

The only other thing is to stop the proxy server being bypassed - easy
if your firewall has a transparent proxy (thinking IPCop here).

-- 
David

___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.