To you gurus: How can we restrict access of certain sites web sites on PC?

[pattyjamas]

This is more of an inquisitive and technical question as opposed to
anything else.

On Windows ME or XP for that matter (etc) there is a hosts file. I have
it set it to restrict certain websites for my husbands son.
And it works fine.

However, I guess the boys/students at school know ways around such by
using a site such as www.schoolproxy.com among other sites.

Now if I add schoolproxy.com to the hosts file that would restrict them
from getting to their desired site. But they know a handful of such
proxy redirection sites that can be used to usurp the hosts file.

Anything that can be used at home ore recommended to eliminate
navigation to a site via these and other means?

I am more curious than anything else being interested in tech and such.

Thanks so much in advance
Patty.

 

[David H. Lipman]

From: <[email protected]>

| This is more of an inquisitive and technical question as opposed to
| anything else.
|
| On Windows ME or XP for that matter (etc) there is a hosts file. I have
| it set it to restrict certain websites for my husbands son.
| And it works fine.
|
| However, I guess the boys/students at school know ways around such by
| using a site such as www.schoolproxy.com among other sites.
|
| Now if I add schoolproxy.com to the hosts file that would restrict them
| from getting to their desired site. But they know a handful of such
| proxy redirection sites that can be used to usurp the hosts file.
|
| Anything that can be used at home ore recommended to eliminate
| navigation to a site via these and other means?
|
| I am more curious than anything else being interested in tech and such.
|
| Thanks so much in advance
| Patty.

That's what a FireWall appliance is for.
You add the restricted or to be blocked content on the FireWall and no LAN nodes could then
access the listed sites.

Additionally, this way you manage one loaction, the FireWall, and not all the nodes on the
LAN.

 

[Charlie Tame]

From: <[email protected]>

| This is more of an inquisitive and technical question as opposed to
| anything else.
|
| On Windows ME or XP for that matter (etc) there is a hosts file. I have
| it set it to restrict certain websites for my husbands son.
| And it works fine.
|
| However, I guess the boys/students at school know ways around such by
| using a site such as www.schoolproxy.com among other sites.
|
| Now if I add schoolproxy.com to the hosts file that would restrict them
| from getting to their desired site. But they know a handful of such
| proxy redirection sites that can be used to usurp the hosts file.
|
| Anything that can be used at home ore recommended to eliminate
| navigation to a site via these and other means?
|
| I am more curious than anything else being interested in tech and such.
|
| Thanks so much in advance
| Patty.

That's what a FireWall appliance is for.
You add the restricted or to be blocked content on the FireWall and no LAN
nodes could then
access the listed sites.

Additionally, this way you manage one loaction, the FireWall, and not all
the nodes on the
LAN.

And you are naturally going to follow this up with some recommendation as to
the product and an example of such rules?

Charlie

 

[Charlie Tame]

Hi Patty.

People will have different views so I left your question below and here's my
2c (And it is only worth 2c for the reason given).

If you try to outwit a team of kids you will end up with a time consuming
job that may well make the subject of that effort (The computer) a pain in
everybody's neck whilst at the same time encouraging more deviousness so
that you "Think" you are winning but in fact are looking silly. Being
smarter than one's parents is always the aim


You CAN make the machine secure and incapable of getting to undesirable
sites but which ones out of the millions are they? The only practical
solution is to allow "Good" in rather than keeping "Bad" out. At some point
this will rely on your choosing between good and bad and this is where the
time comes in. This may seen as censorship by your son. In other words you
may win the battle but lose the war. Nobody can really help with that
choice.

You can visit some sites that will help you decide, and you can rely on
other folk's choices... the best possible starting point is probably here...

http://www.microsoft.com/windows/ie/using/howto/security/contentadv/config.mspx

Perhaps visiting that site and "Threatening" in the nicest possible way will
do some good.

"Just say no" is often effective but I think it may help if you explain the
dangers of Identity theft, responding to requests for credit card numbers
(Even if you give fake ones) and stuff like that is simply a dangerous thing
to do for the family. Worth mentioning that MS and many big companies are
now very concerned about this, especially where it's associated with
something "Attractive" like porn, pirate software and file sharing
(Something for nothing?) and they are not reacting the way they are and
spending millions of dollars out of self righteousness... they are doing so
because it really IS dangerous and very expensive.

Same can apply to giving info in chat rooms etc.

If you look through the posts here you will see how many problems are caused
by spyware, adware and stupid free stuff that's peddled only to get their
junk on your machine. Perhaps you should ask your son to help you tighten up
the security settings to prevent this kind of thing, that way it doesn't
look like an accusation or something that "You" are doing to restrict him.
Making sure none of you hit this stuff "By accident" is fair.

Unfortunately there's a temptation these days for people to become paranoid,
go to extremes, fall for hype and generally try to "Sanitize" life in
general. If you could keep your kitchen as clean as the sanitizer makers
would have you wish you would end up with "The boy in the Bubble" who grew
up with no resistance to anything. I don't really think there's anything
here you didn't already know, is there?


Charlie

 

[Jon]

You could block access to sites, containing keywords such as "proxy", in a
similar way that adult sites containing certain keywords can be blocked, by
using suitable third party software.

[Disabling "Submit nonencrypted form data", (Tools > Internet Options >
Security > Internet > Custom Level), would be another possible solution,
but it could be easily bypassed eg using another browser]

Jon

 

[pattyjamas]

Thank you all. I will simply take the parenting approach which is
always the best route of course. We have enuffpc.com installed so I can
simply deny time or reward time. However, it is hard to outsmart a
teenager who has other friends who found ways around systems. The
system in question is a stand-alone PC not on a netwok. So I can see no
real way in my brief computer background to restrict sites or IP's when
the son can always find some way around them via prxy bypass things
like schoolproxy.com and others that come up.

There are pop-up blockers that could be instralled to key on key words
and shut the window down but these are not able to be locked down
unless I find some program that is invisible and does not show up in
services, system tray, or anywhere one might look via manus.

Thanks very much.
I like exploring ways via technology but of course good parenting and
looking over the shoulder it helpful. However he gets home from school
b4 I do and can get on the PC to do "homework". And on the weekend I
may run a few errands or such and husband and I may not be there.


Patty

 

[Paul Knudsen]

This is more of an inquisitive and technical question as opposed to
anything else.

On Windows ME or XP for that matter (etc) there is a hosts file. I have
it set it to restrict certain websites for my husbands son.
And it works fine.

However, I guess the boys/students at school know ways around such by
using a site such as www.schoolproxy.com among other sites.

Now if I add schoolproxy.com to the hosts file that would restrict them
from getting to their desired site. But they know a handful of such
proxy redirection sites that can be used to usurp the hosts file.

Anything that can be used at home ore recommended to eliminate
navigation to a site via these and other means?

I am more curious than anything else being interested in tech and such.

Thanks so much in advance
Patty.

While if kids want to find porn, they will; firewalls such as Norton
Internet Security can restrict sites easily.

 

[norcam]

Sounds like you could use a program like CyberSitter. No System Tray
icon (if so desired), password protected and highly configurable. Pick
exactly what will and will not be accessible or viewable on the Net by
URL, file type, keyword, CS preset, or any combination thereof. You can
custom employ the program for any (or all) user accounts that you run,
regardless of profile type (Administrative, Power User, Standard,
Limited, etc.). Password protection helps lock it down under your
control. Along with a properly configured firewall, most of your bases
should be covered.

Now someone clever or determined enough might try an end-around or
backdoor hack, but you could nip such efforts by employing adequate
NTFS permissions (though the CS program is nearly unassailable on its
own once PW protected). This would further ensure that file (or exe)
hunting or hacking won't undo your parental initiative. Simply set up a
user account with a different but more limited profile type for the
kids (Limited, Standard, Power User), and then assign or negate
permissions - as you might deem necessary - beyond the default profile.
More often than not the default settings are sufficient.

It goes without saying that giving a youngster access to a computer
with full Administrative rights (as XP sets up by default) is an
invitation for trouble, if not disaster.

Cam

 

[norcam]

Simply set up a user account with a different but more limited profile type for the
kids (Limited, Standard, Power User), and then assign or negate
permissions - as you might deem necessary - beyond the default
profile.<<

This assumes you'll configure your own (or the existing) administrative
account with password protection, and keep that password out of the
kids' reach. While nothing is 100% bullet proof in the mystical world
of computing, a few small implementations like these are generally all
it takes. Fortunately not every kid is a devoted or hardcore hacking
genius.

 

[pattyjamas]

Thanks all.

On the PC in question we have Sygate Firwall running as well as AVG
paid version: anti-virus. I used to be a strong Norton fan but (NIS) it
eats up so much memory. Norton/Symantec as you know bought Sygate of
recent.

Cybersitter is a good choice since enuffpc.com only restricts time and
overall Internet Access (Yes or No).

I have Noads pop-up blocker which can be run in s somewhat of a stealth
mode. Thus I could enter any keywords, urls or wildcards to shut down
windows that come up.

Most of the stuff the kid plays with is Internet based games as opposed
to CD based.

Heck, I recall my husband saying he was spanked as a child and other
things taken away. I think we need to get more strict. And of course
due to the many spankings my husband received, now he is addicted to
spanking. Just kidding--an old joke I stole from Norm McDonnell but
changed it a bit.

Thanks,
Patty

 

[norcam]

LOL. It's a game as old as the hills ... how to beat your parents at
their own game. You gotta love 'em for trying though. Good luck Patty.
CS works remarkably well. Just read up and experiment a little before
final deployment, esp before PW protecting (or turning on any of the
program's timers if you decide to use them).

Cam