PDA

View Full Version : Internet blocking to keep kids offline - techie question



Breadfan
04-24-2006, 12:27 PM
So first a little background...

I have a younger sister who is about 12 right now. A year or two back she was very interested in computers as they are one of my hobbies and she used to always see me building and customizing them.

So around that time, I gathered up some spare hardware, and ordered some stuff online. I gave her a box of parts so she could learn about them, and we put the computer together and loaded Windows. I even had it dual boot with Mandrake Linux, which is since no longer setup that way due to the hard drive failing and me being lazy on the reinstall. :)

Put some games on it, word processor, etc, and we would play LAN games.

Now I live further away, so if we want to play online games she must use the Internet.

Considering her age, I want her to be able to play games online with me or my friends/family, but do not want her to have Internet or chat access on this computer as it is not within easy site of my parents who could control her access. I think the reasons in this day and age are obvious.

So basically, I want to block internet and chat ports outgoing, but allow game ports, like 2222 for Unreal Tournament.

My original thought was to take some of my spare hardware and build a small FreeBSD server with iptables and have it block ports from her IP and give her a static IP. But in reality, that wouldn't fit too well in their network, a mix of wireless and wired LAN.

I setup their network, they have a linksys B wireless router. Downstairs my brother has a bridge which links to a wired 100mbit LAN. They both sit off the wired lan which just runs on a few small switches. (They don't get reliable wireless down there due to where the wrieless router is, and allows for fast data transfers when I had my fileserver there.)

So anyway...I'm thinking the bsd box may be too complicated. I would basically have to set it up as a router and put my sisters comp basically in a DMZ so she'd have her own firewall between herself and the rest of the LAN.

Then I thought, you know, there must be tons of software for Windoze that does this. So...do any of you have experience with any of the internet and chat blocking software? Or maybe a firewall for windows that blocks outgoing ports and where the service can be hidden or passwd protected?

Also, I'll have to figure out what ports to block for the chat software. I think AIM is dynamic in it's port usage. So I could just block everything and unblock ports she can use, but everyime she installs a game I'd have to findout what port and unblock it - and if I can't do it remotely it means a trip there.

So...I'm sure others have been faced with similar situations. Any tips? I'm still tempted to do this the "cool" and totally overkill way with the BSD talk but I can see myself being easily convinced to go with a simpler route. :)

magindat
04-24-2006, 12:57 PM
Use windows XP's built in firewall. Configure as admin. Give her a user level account. Block everything, then unblock per app.

KillJoy
04-24-2006, 01:16 PM
Use windows XP's built in firewall. Configure as admin. Give her a user level account. Block everything, then unblock per app.

:banana2:

KillJoy

fastblackmerc
04-24-2006, 01:29 PM
You should be able to configure your router to do the same....

MENINBLK
04-24-2006, 01:35 PM
So basically, I want to block internet and chat ports outgoing, but allow game ports, like 2222 for Unreal Tournament.

And for a 12 year old, you think Unreal Tournament is tamer than the internet ???

No matter what you do, nothing beats COMMUNICATING with your sister.
My son has had a PC with internet access since he was 18 months old.
He is free to go online and access the things we give him permission to,
as long as he lets us know what he is doing online.
My son is now 9 years old.
He spends most of his internet time on cartoonnetwork.com,
and searching for Yu-Gi-oH cards for us to buy him.
How do I know this ? Router Logs...

You can't block everyting from a kid because they have nothing else to do
but to figure out how to get around it.
And the harder you make it for them to get accesss, the more determined they will be to get access.
They have friends, and they will talk to their friends who will figure out
how to grant them access, and it will all be done without your knowledge.

So instead of worrying about it, it is better for you to educate your sister
about the things on the internet that she needs to worry about,
and the things on the intenet that have you worried about giving her access.

If she has a good head on her shoulders, she will accept your advice and
be wary of the places she visits while surfing the web.

RR|Suki
04-24-2006, 02:04 PM
And for a 12 year old, you think Unreal Tournament is tamer than the internet ???

No matter what you do, nothing beats COMMUNICATING with your sister.
My son has had a PC with internet access since he was 18 months old.
He is free to go online and access the things we give him permission to,
as long as he lets us know what he is doing online.
My son is now 9 years old.
He spends most of his internet time on cartoonnetwork.com,
and searching for Yu-Gi-oH cards for us to buy him.
How do I know this ? Router Logs...

You can't block everyting from a kid because they have nothing else to do
but to figure out how to get around it.
And the harder you make it for them to get accesss, the more determined they will be to get access.
They have friends, and they will talk to their friends who will figure out
how to grant them access, and it will all be done without your knowledge.

So instead of worrying about it, it is better for you to educate your sister
about the things on the internet that she needs to worry about,
and the things on the intenet that have you worried about giving her access.

If she has a good head on her shoulders, she will accept your advice and
be wary of the places she visits while surfing the web.

good call... but if you still wanna restrict her, any firewall (even windows firewall) can block any program you see fit. Make her user and set what programs can access the net as the admin... game set match

ckadiddle
04-24-2006, 02:11 PM
..............

Breadfan
04-24-2006, 02:24 PM
True, communication is good. On the other hand, her computer is in her room right now, and not easily supervised. Yes, the router does do logging which can help.

I'm simply concerned becuase I was the one who facilitated her having the computer. Had I not gotten her these parts and helped her build it, she probably wouldn't have it. (It's a pretty nice system, tricked out too, partly selfish on my part, all of a sudden birthdays and Christmas gift ideas were easier - UPGRADES!)

My parents are not as technical as I am. So, any solution I put there needs to be robust enough or transparent enough that they don't have to worry about it. They might not know how to login to the router and check logs, though Im' sure they could be taught.

Since I facilitated her having the computer, I feel responsible for her ability to spend time online. I'm not limited her access to the online world, just making it so she has to be online on my parents computer which is in a more open environment so they have the option of limiting her online activity and time. She would still have full and complete access from that system.

Maybe just talking to her and turning on logging and letting her know we can see when hse is online would be enough. But at the same time, I just figured blocking it all from that system is easier.

In the end, I'll leave it up to my parents to decide what's best. But, i should be able to provide the ability to limit things, and by default I should be err'ing on the side of caution here.

As for Unreal Tournament, we've been around the discussion table on that one. I see nothing wrong with video games like that, and neither do my folks. There are some games with much more mature themes that they may feel differently about. Unreal is basically a sports game with guns and gore.

As for her being online, it's even not so much what she goes and does so much as what outsiders try to do. That's a can of worms I have the ability to prevent from being opened, so I intend to prevent it.

But yeah, the video games don't seem to big of a problem in my eyes. Heck I was watching Rambo movies when I was 5. Unreal Tournament has gore and such, but the theme of the game is not really all that mature.

And really she can go visit Unreal Tournament sites, and do all that stuff, it's the predators and savages out there that worry me.

And if I build a BSD box and she learns how to hack into it and change the iptables settings then holy crap I'll give her tons of credit for that!

Windows firewall won't work, she has Win2k, and I gave her Admin rights and told her to play around on the OS, I said learn all you want, play around, you can't break it. If you do, I'll fix it, and you'll learn something new.

But good point, I know McAfee for one makes firewalls that block outbound ports. So long as you can make it password protected and password protect the uninstall that should do the trick.

Thanks all for the input! :) :beer:

Breadfan
04-24-2006, 02:25 PM
And for a 12 year old, you think Unreal Tournament is tamer than the internet ???


Wholeheartedly YES on that one! :)

Unreal is downright goofy compared to the 'net.

SergntMac
04-24-2006, 03:58 PM
I am not a parent, nor an older brother, but I respect your concerns. I have been a Police Firearms Instructor where I taught cops of all flavors how to defend themselves in a lethal contact. I taught them how to hit their target when it's trying to kill them, and I taught them a legal framework for survival of a deadly force confrontation. I could not tell them when to shoot, that's their decision. I was also a Field Training Officer doing likewise in teaching rookies how to provide police service to the public. Showed them all the tricks, again everything but their "when", 'cause that's their decision. Yes, I have sympathy with you, let me put it this way...

One day this young lady may ask you to teach her how to drive, and only a hard-hearted man could say no to his little sis. You will teach her how to drive and prolly in your Marauder too. But, once she is licensed, you can't control where she drives. She will drive where her heart wants to go.

Your answer here is not in restricting her access on-line, but teaching her why she needs to be wary, and why she needs to impose and respect her own limits to on-line adventures.

BTW, it's not all bad. Look at what's happened here between us? Lot's of trust pushed out to strangers, with little disappointment in return. Sure, we're not kids (not always anyway), and this MM.Net stuff isn't as tempting...(I think). But, break it down and it's not much different for us adults here than it is for kids elsewhere in other topics.

Moreover (here in Chicago), every public library has a bank of computers available for unlimited exploration of the "information superhighway", so does all of her friends I suppose. All that's needed here is a library card, and what kids can't do at home is eventually discovered to be available outside the home. Hell, between 1962 and 1964, I smoked my first cigarette, drank my first beer, and got my first blow...Nevermind. My point is, none of that happened at home, nor with any parental quidance or prohibition, get me?

Your gift of a computer and your teaching to your sister isn't what you need to worry about. If you gave her the skills to build a computer, and challenged her to explore its software underpinnings, she will figure all of it out on her own.

Her maturity...How to use all that, should be your focus. If everyone in her immediate family has done their jobs in guiding this young lady towards responsible maturity, there shouldn't be much to worry about.

Not a perfect answer, I know...Just my .02C.

MENINBLK
04-24-2006, 04:10 PM
My parents are not as technical as I am. So, any solution I put there needs to be robust enough or transparent enough that they don't have to worry about it. They might not know how to login to the router and check logs, though Im' sure they could be taught.

Most routers come with a reporting application that can be targeted to one PC.
Setup the PC with a static IP, and set the Router to target the logs to that IP.
Setup a shortcut on the PC's desktop to run the app.
When you run the app on that PC, you can see the logs very easily,
without having to log into the router.


And really she can go visit Unreal Tournament sites, and do all that stuff, it's the predators and savages out there that worry me.

This is what you should be worried about, but they can't get to her through a firewall,
they get to kids through other websites, like MYSPACE.COM.
These website work just like MM.net, and you can't block these.


...I know McAfee for one makes firewalls that block outbound ports. So long as you can make it password protected and password protect the uninstall that should do the trick.

There are a lot of OTHER siftware products that can give you excellent
protection for your PC against hackers, spyware and Virus'.
Stay away from McAfee, Norton, and ZoneAlarm, and you'll be amazed
what is out there, how much better it is, and how easy it is to learn.

MikesMerc
04-24-2006, 06:43 PM
I'd leave the networking settings alone and just get her CyberNanny. It is defeatable, but you'd know it if it was hacked. It does a great job of keeping unsavory content off the browser. Its just about fool proof in blocking porn.

Again, it can be defeated by an entrepreneuring adolescent, but at that point internet priviledges can be revoked permanently.

magindat
04-25-2006, 05:16 AM
Have to agree with Mac on this one. With my 12 yr old, (who started browsing at 10) I talk with her about what's out there and what to watch out for. She has free run of the net. However, she knows I log and have VNC in silent mode to watch any time.

Good luck.

Breadfan
04-25-2006, 06:31 AM
Well I honestly don't have a problem with her access so long as my parents are OK with it. I'll have to sit with them and discuss it, see what they want, because really in the end that's what matters.

I do agree that talking to her, and discussing the dangers is best. I think we've done a pretty good job of that. And trust me, someone trying something wouldn't get very far.

At the same time, I can't help but agree with statements above, like what Mac said. But really, all those things you mentioned, were you 12 when you did them? That's what pops in my head...

Anyway, I can see there's a whole nother discussion here, honestly an interesting one. :) I'll be honest too, I have the "worry" gene, I think I got it from my mom. I just start out thinking the worst...then I think even worse than that.

So you can imagine how this started to take a high priority on my to-do list.

But like I said, I'll just talk to my parents, explain the options to them, and even give them some snoop tools, like VNC which is a good idea.

I know my parents, and I know our attitude - there's no need to rely on nanny programs, unrestricted access can be given through trust, parenting, and conversation.

I guess the big question is that she has unrestricted access on their computer. Should she have it on hers where it's harder (right now atleast) to keep check on her? 'Cause with a firewall we could block the 'net, keep her games, and overtime loosen the reigns as she gets older. Definitely I discussion I need to have with them.

I guess I'm falling behind the times - when I was a kid if I had my own computer it was a hand-me-down that didn't do much. Now-a-days families have a computer for everyone just about. With today's connectivity and access to content (and vulnerabilities) I guess this is a question that has to be considered. Never really had to think about this one when I was growing up, I just got yelled at for playing my Texas Instruments TI-94/A too much oh and then when I recorded some BASIC programs accidentally over one of my dad's data "cassette" tapes. LOL.