[ale] Old host you want to unload?
Wolf Halton
wolf.halton at gmail.com
Mon Jul 22 20:25:03 EDT 2013
I raised 2 kids and the only control I put on their kid-puter was básic
Windows users with no install privileges.
The one time my darlin daughter hit a porn site, she was searching for girl
scout cookies. She was shook up and really learned ad-aware, ccleaner and
all the other malware removers then.
Digital nannies remove chances for learning experiences.
Wolf Halton
--
http://wolfhalton.info
Apache developer:
wolfhalton at apache.org
On Jul 15, 2013 10:20 AM, "Jerald Sheets" <questy at gmail.com> wrote:
> Ok, I'm at a desk and not on a phone.
>
>
> Let's sort of set the stage, if you will, to clarify a few things.
>
> First, I've raised two boys into their 20's and done this all before.
> Second, I've got a metric crapload of snort processing scripts I've
> written that watch for all manner of icky URL matches on "requested sites"
> and also on Squid's logs to do the same. I took the stance with the boys
> of "trust but verify" which is a very "apple-storeish" thing to do. I had
> transgressions once by each boy that got addressed personally and quietly
> and have managed (aside from the occasional pop-up storm) to keep them
> "porn free" if you will as long as they've been under my roof. Anything
> they've managed outside of the house is beyond the scope of my purview, of
> course, but they pay for their own phones now… I can't "control" their
> intake forever.
>
> Now I'm on "kids 2.0" with my second wife, and they're all girls and at
> ages 3, 6, and 10. The 10 year old has an internet-capable device, so,
> I'm putting the same system back in place with the same scripts and logging
> and automated emails and such. However, their mother wants the added
> protection of content filtering for a couple of years until "aunt flo"
> arrives and she can halve "talk 1.0" with her, but also wanting to know *what
> *was requested and by what mechanism. Ipcop to the rescue again…you can
> say "no" via automated system, but it's considerably more important to know
> what is being asked for and how. Was it typed in? Why is the child
> interested in that particular topic? (etc. etc.)
>
> Also, having all these folks on the network at home while "mom & dad" work
> from home a lot requires packet-shaping of the Xbox and Rou down and web
> traffic/SSH up. Also, when on the road, I need to be able to VPN into my
> private network from anywhere to do something even so small as printing a
> doc for my wife all the way to rooting around my internal net for various
> reasons. (i.e., you can't hit the time machine from the outside)
>
> So, a smallish box with modest means to run a couple hundred meg distro
> for firewalling seemed to be the way to go for us… that's why I asked.
>
>
> TL;DR. (I've done this before.. I just need hardware)
>
> Something else on the topic…. I re-read and it appeared I was *only*
> asking for "free" stuff… I'm not. If you've got something hogging space and
> you're under a "nag order" to get rid of it, please do think of me first.
> And if it requires a few bucks, that's good too. I just wanted to work
> with you guys who may need a few bucks first before giving that cash to
> $company making cheap crap in China. I'd rather buy the cheap crap from
> you instead. XD
>
>
> --j
>
>
> On Jul 15, 2013, at 8:52 AM, Tom Freeman <tfreeman at intel.digichem.net>
> wrote:
>
> Please forgive the chime in - but...
>
> +1 with an observation of sorts
>
> A parent still needs to monitor sufficiently to catch a usuable per
> centage (what ever that value is) to ensure that the conversation takes
> place. (I caught a daughter sneaking a viewing of "Flesh Gordon" from a
> copy her late mother gave me. _That_ was an awkward conversation!)
>
>
> On Mon, 15 Jul 2013, Jim Kinney wrote:
>
> In short: don't rely on technology as a role model stand-in for children.
> I have exactly 0 filters on the feed at my house. none. waste of time. Kids
> will find what interests them. If it's porn, you're overdue for "the talk"
> and that one will go on for the next several years. If the adult is not
> capable of sitting down and watching what they are and rationally
> explaining
> what is problematic about it, the child will begin to disregard the adult
> as
> an authority figure and view them as just another knee-jerker wearing
> blinders.
> Most kids are wanting to find stuff that's not porn and other "bad stuff".
> Most kids get embarrassed or grossed out when it accidentally crosses the
> screen on an errant mouse click. It's far more important to have them
> understanding that they will not be punished the occasional mistake but
> will
> be expected to learn from them. Teach them the "back" button in both mouse
> and keystrokes :-)
> Ron brought up a bigger issue that can't be filtered with current tools:
> what the kids actually say online to each other. Between 12-13 and about
> 19-20, girls are vile, horrid creatures to other girls and boys are
> brain-damaged monsters with illusions of invincibility. A useful tool would
> be a screen mirror with recording so the nasty things they say to each
> other
> can be replayed, discussed, and used as reasons why privilege A is being
> withheld. I'm thinking of a chat mirroring tool or email copy process. It
> will only get to be used once then they will change methods (if they are
> smart). But that level of guidance, no matter what _they_ think, would
> benefit them greatly learning how to relate with others.
> Besides, once the hormones kick in, they will find a way to find out about
> it. If the default view at home is "NO! BAD!", they will look elsewhere for
> answers unless they are totally dominated by helicopter parents. Most
> commercial porn is crap with subtle and not so subtle overtone of violence
> against women as themes. It's a challenge to find something that can serve
> as guidance for humans really relate in bed. And intelligent bed banging is
> far better than stupid gun banging in the street.
> On Sun, Jul 14, 2013 at 9:46 PM, Ron Frazier (ALE)
> <atllinuxenthinfo at techstarship.com> wrote:
> Hi all,
>
> Since I brought up OpenDNS, even though I'm a user and a fan, I
> should point out some limitations. About 10%, as a rough
> guestimate, of the ugly stuff will sneak through the filter.
> The purveyers of junk bring up new sites too fast for everything
> to be in the database. Do not assume your kids will be totally
> prevented from getting to any and all "insert bad category"
> stuff.
>
> Also, if your kid knows how to do any of the following, he / she
> can bypass the filter: choose an alternate dns server on the pc,
> use a proxy / anonymizer (although you can filter that
> category), browse by ip alone without dns, start up a vpn, take
> their laptop / smartphone to a friend's house or hotspot or step
> parent's house. Anything that bypasses the use of the OpenDNS
> servers or changes their public ip bypasses the filter. I have
> wished in the past that I could tie the filter to a specific pc,
> but OpenDNS does not provide that as far as I know.
>
> Internet Explorer provides some built in content filtering
> options, which can tie into things like NetNanny (I think), but
> I've never used it. Firefox doesn't provide any of that
> natively that I'm aware of, but there may be plugins for it.
>
> I have links to a couple of Christian sites related these topics
> I could try to dig up if anyone wants.
>
> Note that, even if they cannot easily access "uglyjunk.com"
> because of OpenDNS, they can see links to it in google and bing,
> and in the latter case, with live video coming though bing. The
> child's pc need not ever visit "uglyjunk.com" to see some of its
> content, albeit with smaller pictures.
>
> You can make things harder to bypass by putting the OpenDNS
> servers in your router settings. Then, any pc which just uses
> basic dhcp to get it's ip and dns will pick that up from the
> router. But, that does not prevent the pc from querying another
> dns server directly if it wants to. If the pc can get an ip for
> "uglyjunk.com", it can still visit the site.
>
> I have heard that you can get hosts files of preconfigured
> blacklist sites, then the computer is just directed to nowhere
> when they try to get those sites, before even querying the dns.
> I've never used that though.
>
> The service also depends on linking your public ip to your
> account. That's why going to a hotspot bypasses the filter.
> They'll have a different public ip which is not linked to your
> account. Even if the pc was set to use the OpenDNS servers,
> your personal filter settings would not be in affect. You would
> still get phishing protection though.
>
> Since your public ip is subject to change periodically when your
> cable / dsl modem resets, you need to run a small utility, which
> I run in Windows, to link your current public ip with your
> account and filter settings. You'll have to check on whether
> they have a linux utility, but they probably do. When your ip
> changes, if the utility runs, the OpenDNS servers get set to
> respond to the new ip. If your ip setting utility doesn't run
> for a few days, then your filters won't be in affect for a few
> days if your ip has changed.
>
> I do NOT recommend running the ip setting utility on the child's
> computer. Here's why. Let's say you did that. They go to
> starbucks. They login, then the ip utility links STARBUCKS
> public ip to YOUR filter account. Your child would then be
> subject to your filters, but so would EVERYONE ELSE in
> starbucks. That might cause some problems. This would remain
> in effect until your child logged into another network and got
> another public ip.
>
> Because ip's change, the system occasionally gets confused as to
> which account owns which ip. This is rare, but, for example,
> let's say there is a disruption at the isp and all the cable
> modems get reset. You may end up with what was someone else's
> public ip and they may end up with yours. It may take a little
> while for the ip setting utilities to set everything straight.
> So, the possibility does exist that they could see stuff in
> their account logs on OpenDNS that came from you and you could
> see theirs.
>
> One other slight disadvantage of the OpenDNS system is that all
> pc's in the house with the same public ip will have the same
> filters. You could always active a vpn or proxy on your own pc
> though and bypass your own filter.
>
> Despite these limitations, I found the service extremely useful
> and wouldn't want to be without it with a child in the house.
> You could gang other technologies on top of this, if you wish.
> I still have it active, even though my child has moved out, to
> filter out rubbish that I might hit accidentally.
>
> This is slightly off topic to the original question, but I'd
> consider a certain amount of monitoring of my kid's
> communications online. Chat, email, facebook, whatever. How
> much is up to you. I'd also set rules on who it was appropriate
> to communicate with. Again, up to personal discretion. You can
> get books about how to deal with these issues.
>
> Sincerely,
>
> Ron
>
> On 7/14/2013 8:09 PM, Doug Hall wrote:
> 27" iMac is sweet. But I agree with Ron. There's no
> reason to buy ANYTHING if you use OpenDNS to filter
> content. I'm very satisfied with the free service.
> Okay, maybe paranoia is a reason. I wouldn't be
> surprised to know that OpenDNS is releasing records
> to the NSA. But then again, so could your current
> ISP.
> On Sun, Jul 14, 2013 at 5:03 PM, Jerald Sheets
> <questy at gmail.com> wrote:
> I do. It's a slamming 27" iMac. :)
>
> Jerald Sheets
> Sent from my iPhone5
> On Jul 13, 2013, at 10:20 PM, Jim Kinney
> <jim.kinney at gmail.com> wrote:
>
> Jerald, you're missing the entire point:
> Upgrade _your_ machine and give the old one to
> the young-uns. Put squid-guard on it and
> provide a pile of bookmarks they are
> interested in.
> :-)
> House Rule: Dad ALWAYS has the best hardware unless
> someone else is paying for it.
> On Sat, Jul 13, 2013 at 10:00 PM, Neal Rhodes
> <neal at mnopltd.com> wrote:
> I would think you could look for
> off-lease "no-os" refurb units on
> TigerDirect for maybe $100.
>
> On Sat, 2013-07-13 at 21:22 -0400,
> Jerald Sheets wrote:
> Hi all.
> I've come to the point where my next generation o little ones will be
> going online, and I'm going to build me a content filtering firewall.
> (Ipcop)
> Thing is, I don't have any old hardware and need to get something, but
> anyth
> ing I would buy in a store would be overkill.
> I'm looking for something P3 or later, mid tower with one drive bay is
> fine and 4-8G of memory. Anyone have anything like that you'd like to
> unload? Jerald Sheets
> Sent from my iPhone5
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> --
> --
> James P. Kinney III
> Every time you stop a school, you will have to build
> a jail. What you gain at one end you lose at the
> other. It's like feeding a dog on his own tail. It
> won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
> http://electjimkinney.org
> http://heretothereideas.blogspot.com/
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130722/5c8e9582/attachment-0001.html>
More information about the Ale
mailing list