Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthorProject51
    • CommentTimeJul 25th 2007 edited
     permalink
    Okey, I have installed INADYN as a service and everything is working fine.

    My problem now is how to block those nasty images when the "SafeSearch is Off" in Google Images.

    I'm currently blocking the domain "images.google.com" But is there a better way? I know about the cookies. But it's useless.

    At leastt in the Altavista.com images, I can put a password... but not in Google.
    =====================
    EDIT:
    I'm now currently just blocking "tbn0.google.com" and "yimg.com" to disable the thumbnails in the Google/Yahoo/Altavista images search.

    Now my son will never see a porn again.:shocked:
    • CommentAuthorahoier
    • CommentTimeJul 27th 2007 edited
     permalink
    Did you block imageshack.us, photobucket.com, myspacecdn.com as well?

    okay, maybe you dont have to block all of those...I think the various "adult" filters will block most of myspace images/content :)

    Why not just block google.com, and make your son use clusty.com or something?

    Or even http://www.zoo.com/ - it's a kid oriented search engine. But I mean, content filters are only so good....nothing is 100%...
  1.  permalink
    I really think that it's a Kaizen sort-of thing...you just have to stay on top of it all the time. ;)
    • CommentAuthorrexter
    • CommentTimeSep 14th 2007
     permalink
    I found it useful us use key word url blocking within my firewall, in addition to Adult site blocking.
    • CommentAuthortng94
    • CommentTimeJan 2nd 2008
     permalink
    Is there a way to use wildcars in domain blocking? I don't want to block ALL thumbnails... Something like this:

    *://*google*/*advanced*
    *://*google*/*safe=off*
    *://*google*/*preferences*

    This was in an article I found here:
    http://www.craigjconsulting.com/googlesrch.html
    • CommentAuthorpdabr
    • CommentTimeJan 2nd 2008
     permalink
    I doubt what you have suggested will work as DNS only resolves the actual domain name, not the directory structure.

    That sort of granular wildcard filtering can be achieved by using something like a squid proxy
    • CommentAuthorkirby145
    • CommentTimeJan 4th 2008
     permalink
    Although DNS can do some good things, blocking adult images is kind of too far.

    However i have for you two choices.

    1: You are using firefox (www.firefox.com)
    You then download the Adblock plus addon (http://adblockplus.org/)
    and block many ads and add filters such as adult content (http://www.fanboy.co.nz/adblock/)
    Adblock plus also lets you add in all the filters you want, with wildcards and all.

    2. You are using the internet
    You download Peer Guardian (http://phoenixlabs.org/pg2/)
    and block many unwanted things as well
    ----
    That's all I can help you with
    Thankful People: david7773
    • CommentAuthorvanguardlh
    • CommentTimeFeb 23rd 2008
     permalink
    Rather than let the kid go directly out from his host through the router to the internet, why not employ some firewalling that is NOT on the kid's host? Some routers have firewalls with sufficient configurability to specify URL blocking and can even wildcard the URL. That means a DNS request with a string containing the "bad" string will not get to the DNS server. If your firewall doesn't have that level of control, you might be able to configure the router to accept connection requests only from your host. Then you enable ICS in your Windows host that you son must use as a gateway to get at the router and out to the Internet. You then use a software firewall on your host that includes the feature to block on wildcarded URLs.

    Many personal software firewalls only permit blocking by destination IP addresses. That is pretty much worthless since a domain might change its IP address, especially for a site on a host that gets a dynamic IP address assigned to it. As I recall, the Online Armor and Comodo firewalls let you specifying URLs (which can even be wildcarded). By blocking on URLs instead of domains, you can even block on a path within a domain rather than on the whole domain.

    If the kid tries to go through the router, he can't because the router is configured to accept connections only from your host (say, by its MAC address). He has to go through your host where you control to where anyone can connect by using your own firewall. If the router has a decent firewall in it then you can let the kid go to the router but the router's firewall rules will block any requests, even DNS queries, that match on the URL block rule(s). Which you do (use your own host as a firewalled gateway or use the firewall in the router) depends on the capabilities of the firewall in your router. My router's firewall rules really suck so I would have to force the use of a firewalled gateway host.

    Obviously it behooves you to restrict physical access to both the gateway host and router (or just the router if you use its firewall rules); otherwise, the kid can reset the setup even if you have password protected your account login for Windows (there are ways to crack the password on Windows accounts). Linux is harder but not impossible to alter. If the malcontent has physical access to a host, and if they have sufficient expertise, they can obviate your security.
    Thankful People: sparko
    • CommentAuthorpueywei
    • CommentTimeFeb 23rd 2008
     permalink
    Or simply go around it. They can easily tunnel their traffic through a non-tagged 3rd party.
    • CommentAuthorsparko
    • CommentTimeApr 17th 2008
     permalink
    By now, I guess project51 has figured out that by blocking
    *.yimg.com
    *.ytimg.com
    you would be "cutting off your nose to spite your face".
    The former hosts Yahoo! interface buttons/icons.
    The latter hosts buttons/graphics which are displayed within YouTube pages.

This discussion has been inactive for longer than 30 days, and is thus closed.