[ale] Old host you want to unload?
Ron Frazier (ALE)
atllinuxenthinfo at techstarship.com
Mon Jul 15 11:30:40 EDT 2013
I have an old 386 machine and a couple of old 486 machines. I doubt you'd want them though.
Regarding work at home vs xbox / packet shaping, etc., I thought I'd throw this out there for what it's worth.
I don't have any xbox, etc., but my wife does work at home, and things I'm doing occasionally conflict with her vpn. Things like large downloads, etc. Sometimes, she would get disconnected, etc.
So, I was looking for quick and easy solution and I found this WD My Net Switch at Frys:
http://www.wdc.com/en/products/products.aspx?id=750
This is a physical gigabit ethernet switch with prioritized ports. My wife is on one wifi router and all my stuff is on another. Her router plugs into the high priority port on the switch, and mine plugs into the medium priority port. Instantly, all her traffic outgoing to the internet gets bumped to the head of the line and mine has to wait if necessary. Usually, any delay I see would only be mS, but her vpn system seems much happier. Disconnects are much more rare now, unless there's a problem outside our house.
Also, I have my router set to throttle my downloads to about 1/2 of our capacity. If I really need the speed, I can switch to a third wifi router which is not throttled, when it won't interfere with her.
Hint, place xbox, roku, dvd player, etc. on low priority ports. 8-)
Works well for me. Just thought I'd pass it along.
Sincerely,
Ron
Jerald Sheets <questy at gmail.com> wrote:
>Ok, I'm at a desk and not on a phone.
>
>
>Let's sort of set the stage, if you will, to clarify a few things.
>
>First, I've raised two boys into their 20's and done this all before.
>Second, I've got a metric crapload of snort processing scripts I've
>written that watch for all manner of icky URL matches on "requested
>sites" and also on Squid's logs to do the same. I took the stance with
>the boys of "trust but verify" which is a very "apple-storeish" thing
>to do. I had transgressions once by each boy that got addressed
>personally and quietly and have managed (aside from the occasional
>pop-up storm) to keep them "porn free" if you will as long as they've
>been under my roof. Anything they've managed outside of the house is
>beyond the scope of my purview, of course, but they pay for their own
>phones now… I can't "control" their intake forever.
>
>Now I'm on "kids 2.0" with my second wife, and they're all girls and at
>ages 3, 6, and 10. The 10 year old has an internet-capable device,
>so, I'm putting the same system back in place with the same scripts and
>logging and automated emails and such. However, their mother wants the
>added protection of content filtering for a couple of years until "aunt
>flo" arrives and she can halve "talk 1.0" with her, but also wanting to
>know what was requested and by what mechanism. Ipcop to the rescue
>again…you can say "no" via automated system, but it's considerably more
>important to know what is being asked for and how. Was it typed in?
>Why is the child interested in that particular topic? (etc. etc.)
>
>Also, having all these folks on the network at home while "mom & dad"
>work from home a lot requires packet-shaping of the Xbox and Rou down
>and web traffic/SSH up. Also, when on the road, I need to be able to
>VPN into my private network from anywhere to do something even so small
>as printing a doc for my wife all the way to rooting around my internal
>net for various reasons. (i.e., you can't hit the time machine from
>the outside)
>
>So, a smallish box with modest means to run a couple hundred meg distro
>for firewalling seemed to be the way to go for us… that's why I asked.
>
>
>TL;DR. (I've done this before.. I just need hardware)
>
>Something else on the topic…. I re-read and it appeared I was *only*
>asking for "free" stuff… I'm not. If you've got something hogging space
>and you're under a "nag order" to get rid of it, please do think of me
>first. And if it requires a few bucks, that's good too. I just wanted
>to work with you guys who may need a few bucks first before giving that
>cash to $company making cheap crap in China. I'd rather buy the cheap
>crap from you instead. XD
>
>
>--j
>
>
>On Jul 15, 2013, at 8:52 AM, Tom Freeman <tfreeman at intel.digichem.net>
>wrote:
>
>> Please forgive the chime in - but...
>>
>> +1 with an observation of sorts
>>
>> A parent still needs to monitor sufficiently to catch a usuable per
>centage (what ever that value is) to ensure that the conversation takes
>place. (I caught a daughter sneaking a viewing of "Flesh Gordon" from a
>copy her late mother gave me. _That_ was an awkward conversation!)
>>
>>
>> On Mon, 15 Jul 2013, Jim Kinney wrote:
>>
>>> In short: don't rely on technology as a role model stand-in for
>children.
>>> I have exactly 0 filters on the feed at my house. none. waste of
>time. Kids
>>> will find what interests them. If it's porn, you're overdue for "the
>talk"
>>> and that one will go on for the next several years. If the adult is
>not
>>> capable of sitting down and watching what they are and rationally
>explaining
>>> what is problematic about it, the child will begin to disregard the
>adult as
>>> an authority figure and view them as just another knee-jerker
>wearing
>>> blinders.
>>> Most kids are wanting to find stuff that's not porn and other "bad
>stuff".
>>> Most kids get embarrassed or grossed out when it accidentally
>crosses the
>>> screen on an errant mouse click. It's far more important to have
>them
>>> understanding that they will not be punished the occasional mistake
>but will
>>> be expected to learn from them. Teach them the "back" button in both
>mouse
>>> and keystrokes :-)
>>> Ron brought up a bigger issue that can't be filtered with current
>tools:
>>> what the kids actually say online to each other. Between 12-13 and
>about
>>> 19-20, girls are vile, horrid creatures to other girls and boys are
>>> brain-damaged monsters with illusions of invincibility. A useful
>tool would
>>> be a screen mirror with recording so the nasty things they say to
>each other
>>> can be replayed, discussed, and used as reasons why privilege A is
>being
>>> withheld. I'm thinking of a chat mirroring tool or email copy
>process. It
>>> will only get to be used once then they will change methods (if they
>are
>>> smart). But that level of guidance, no matter what _they_ think,
>would
>>> benefit them greatly learning how to relate with others.
>>> Besides, once the hormones kick in, they will find a way to find out
>about
>>> it. If the default view at home is "NO! BAD!", they will look
>elsewhere for
>>> answers unless they are totally dominated by helicopter parents.
>Most
>>> commercial porn is crap with subtle and not so subtle overtone of
>violence
>>> against women as themes. It's a challenge to find something that can
>serve
>>> as guidance for humans really relate in bed. And intelligent bed
>banging is
>>> far better than stupid gun banging in the street.
>>> On Sun, Jul 14, 2013 at 9:46 PM, Ron Frazier (ALE)
>>> <atllinuxenthinfo at techstarship.com> wrote:
>>> Hi all,
>>>
>>> Since I brought up OpenDNS, even though I'm a user and a fan, I
>>> should point out some limitations. About 10%, as a rough
>>> guestimate, of the ugly stuff will sneak through the filter.
>>> The purveyers of junk bring up new sites too fast for
>everything
>>> to be in the database. Do not assume your kids will be totally
>>> prevented from getting to any and all "insert bad category"
>>> stuff.
>>>
>>> Also, if your kid knows how to do any of the following, he /
>she
>>> can bypass the filter: choose an alternate dns server on the
>pc,
>>> use a proxy / anonymizer (although you can filter that
>>> category), browse by ip alone without dns, start up a vpn, take
>>> their laptop / smartphone to a friend's house or hotspot or
>step
>>> parent's house. Anything that bypasses the use of the OpenDNS
>>> servers or changes their public ip bypasses the filter. I have
>>> wished in the past that I could tie the filter to a specific
>pc,
>>> but OpenDNS does not provide that as far as I know.
>>>
>>> Internet Explorer provides some built in content filtering
>>> options, which can tie into things like NetNanny (I think), but
>>> I've never used it. Firefox doesn't provide any of that
>>> natively that I'm aware of, but there may be plugins for it.
>>>
>>> I have links to a couple of Christian sites related these
>topics
>>> I could try to dig up if anyone wants.
>>>
>>> Note that, even if they cannot easily access "uglyjunk.com"
>>> because of OpenDNS, they can see links to it in google and
>bing,
>>> and in the latter case, with live video coming though bing.
>The
>>> child's pc need not ever visit "uglyjunk.com" to see some of
>its
>>> content, albeit with smaller pictures.
>>>
>>> You can make things harder to bypass by putting the OpenDNS
>>> servers in your router settings. Then, any pc which just uses
>>> basic dhcp to get it's ip and dns will pick that up from the
>>> router. But, that does not prevent the pc from querying
>another
>>> dns server directly if it wants to. If the pc can get an ip
>for
>>> "uglyjunk.com", it can still visit the site.
>>>
>>> I have heard that you can get hosts files of preconfigured
>>> blacklist sites, then the computer is just directed to nowhere
>>> when they try to get those sites, before even querying the dns.
>
>>> I've never used that though.
>>>
>>> The service also depends on linking your public ip to your
>>> account. That's why going to a hotspot bypasses the filter.
>>> They'll have a different public ip which is not linked to your
>>> account. Even if the pc was set to use the OpenDNS servers,
>>> your personal filter settings would not be in affect. You
>would
>>> still get phishing protection though.
>>>
>>> Since your public ip is subject to change periodically when
>your
>>> cable / dsl modem resets, you need to run a small utility,
>which
>>> I run in Windows, to link your current public ip with your
>>> account and filter settings. You'll have to check on whether
>>> they have a linux utility, but they probably do. When your ip
>>> changes, if the utility runs, the OpenDNS servers get set to
>>> respond to the new ip. If your ip setting utility doesn't run
>>> for a few days, then your filters won't be in affect for a few
>>> days if your ip has changed.
>>>
>>> I do NOT recommend running the ip setting utility on the
>child's
>>> computer. Here's why. Let's say you did that. They go to
>>> starbucks. They login, then the ip utility links STARBUCKS
>>> public ip to YOUR filter account. Your child would then be
>>> subject to your filters, but so would EVERYONE ELSE in
>>> starbucks. That might cause some problems. This would remain
>>> in effect until your child logged into another network and got
>>> another public ip.
>>>
>>> Because ip's change, the system occasionally gets confused as
>to
>>> which account owns which ip. This is rare, but, for example,
>>> let's say there is a disruption at the isp and all the cable
>>> modems get reset. You may end up with what was someone else's
>>> public ip and they may end up with yours. It may take a little
>>> while for the ip setting utilities to set everything straight.
>>> So, the possibility does exist that they could see stuff in
>>> their account logs on OpenDNS that came from you and you could
>>> see theirs.
>>>
>>> One other slight disadvantage of the OpenDNS system is that all
>>> pc's in the house with the same public ip will have the same
>>> filters. You could always active a vpn or proxy on your own pc
>>> though and bypass your own filter.
>>>
>>> Despite these limitations, I found the service extremely useful
>>> and wouldn't want to be without it with a child in the house.
>>> You could gang other technologies on top of this, if you wish.
>>> I still have it active, even though my child has moved out, to
>>> filter out rubbish that I might hit accidentally.
>>>
>>> This is slightly off topic to the original question, but I'd
>>> consider a certain amount of monitoring of my kid's
>>> communications online. Chat, email, facebook, whatever. How
>>> much is up to you. I'd also set rules on who it was
>appropriate
>>> to communicate with. Again, up to personal discretion. You
>can
>>> get books about how to deal with these issues.
>>>
>>> Sincerely,
>>>
>>> Ron
>>>
>>> On 7/14/2013 8:09 PM, Doug Hall wrote:
>>> 27" iMac is sweet. But I agree with Ron. There's no
>>> reason to buy ANYTHING if you use OpenDNS to filter
>>> content. I'm very satisfied with the free service.
>>> Okay, maybe paranoia is a reason. I wouldn't be
>>> surprised to know that OpenDNS is releasing records
>>> to the NSA. But then again, so could your current
>>> ISP.
>>> On Sun, Jul 14, 2013 at 5:03 PM, Jerald Sheets
>>> <questy at gmail.com> wrote:
>>> I do. It's a slamming 27" iMac. :)
>>>
>>> Jerald Sheets
>>> Sent from my iPhone5
>>> On Jul 13, 2013, at 10:20 PM, Jim Kinney
>>> <jim.kinney at gmail.com> wrote:
>>>
>>> Jerald, you're missing the entire point:
>>> Upgrade _your_ machine and give the old one to
>>> the young-uns. Put squid-guard on it and
>>> provide a pile of bookmarks they are
>>> interested in.
>>> :-)
>>> House Rule: Dad ALWAYS has the best hardware unless
>>> someone else is paying for it.
>>> On Sat, Jul 13, 2013 at 10:00 PM, Neal Rhodes
>>> <neal at mnopltd.com> wrote:
>>> I would think you could look for
>>> off-lease "no-os" refurb units on
>>> TigerDirect for maybe $100.
>>>
>>> On Sat, 2013-07-13 at 21:22 -0400,
>>> Jerald Sheets wrote:
>>> Hi all.
>>> I've come to the point where my next generation o little ones will
>be going online, and I'm going to build me a content filtering
>firewall. (Ipcop)
>>> Thing is, I don't have any old hardware and need to get something,
>but anyth
>>> ing I would buy in a store would be overkill.
>>> I'm looking for something P3 or later, mid tower with one drive bay
>is fine and 4-8G of memory. Anyone have anything like that you'd like
>to unload? Jerald Sheets
>>> Sent from my iPhone5
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>> --
>>> --
>>> James P. Kinney III
>>> Every time you stop a school, you will have to build
>>> a jail. What you gain at one end you lose at the
>>> other. It's like feeding a dog on his own tail. It
>>> won't fatten the dog.
>>> - Speech 11/23/1900 Mark Twain
>>> http://electjimkinney.org
>>> http://heretothereideas.blogspot.com/
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://mail.ale.org/mailman/listinfo/ale
>See JOBS, ANNOUNCE and SCHOOLS lists at
>http://mail.ale.org/mailman/listinfo
--
Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
Please excuse my potential brevity if I'm typing on the touch screen.
(PS - If you email me and don't get a quick response, you might want to
call on the phone. I get about 300 emails per day from alternate energy
mailing lists and such. I don't always see new email messages very quickly.)
Ron Frazier
770-205-9422 (O) Leave a message.
linuxdude AT techstarship.com
Litecoin: LZzAJu9rZEWzALxDhAHnWLRvybVAVgwTh3
Bitcoin: 15s3aLVsxm8EuQvT8gUDw3RWqvuY9hPGUU
More information about the Ale
mailing list