Security Basics mailing list archives
Re: Family protection - proxy?
From: ragdelaed <ragdelaed () gmail com>
Date: Thu, 30 Mar 2006 12:51:53 -0500
install debian on a headless walmart special with 2 nic cards, one for your lan, the other for the wan. install squid and dansguardian. install clamav with anti-virus plugin, if you wish, but it will run slower. much. run sarg for the reports. run dglog.pl for quick logs.
the best way to do it is to look at the howto at the bottom, then download each component separately, install, mess it up, play around, break it, then start all over again. depending on your experience level, this might take a while. if you are unfamiliar with much of the below, then count on at least a week to build, test, then deploy.
also, you need to configure the walmart special as your gateway. whether you make it the dhcp server or not, it needs to be your gateway. then you can direct all port 80 traffic to the dansguardian filter without having to change any clients in your house. you make your box a transparent proxy. instructions are in the howto.
this might take a while, but it is very worth it. i have three boys that love yugioh and junk like that, so they are on the net all the time. they get blocked a lot. :)
consider the enterprise equivalent. an enterprise proxy solution will run about 250k for product and support, a content filtering solution will be about 300k, an anti-virus solution will run about 100k, and the monitoring and logging in man hours will be huge. estimate 500k for a complete bundle solution, and your eyes bug out. and dansguardian is not just a black list filter, but rather a weighted content solution that does not depend on pre existing blacklists but can catch things on the fly based on the content in the page. i like it. for about 300 bucks, you can have all of the above, plus the other coolness that linux gives you.
walmart: http://www.walmart.com/catalog/product.do?product_id=4659580 http://www.newegg.com/Product/Product.asp?Item=N82E16822998004 or http://www.newegg.com/Product/Product.asp?Item=N82E16833315001 dansguardian: http://dansguardian.org/ squid: http://www.squid-cache.org/ AV: http://www.pcxperience.org/dgvirus/ http://www.clamav.net/ sarg: http://sarg.sourceforge.net/ dglog.pl: http://www.tiger.org/technology/dg/ howto: http://www.ysgnet.com/modules.php?op=modload&name=News&file=article&sid=164 http://www.nyetwork.org/wiki/DansGuardian Paul Simons wrote:
I am looking for advice on how I can best protect my family from the 'horrors' on the Internet. We have a small ADSL/wireless network at home (with a firewall and AV on all systems) on which my kids have their PCs/Macs. My wife and I use it via our laptops. What is the best way of stopping access to porn/violence/etc.? I was looking at setting up a system with a proxy. Or maybe paying for some sort of service? I don't really want to have to install a package on every system (expensive and unmanageable) Any other suggestions gratefully considered Paul To find out more about Reuters visit www.about.reuters.com Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Family protection - proxy? Paul Simons (Mar 30)
- Re: Family protection - proxy? Saqib Ali (Mar 30)
- Re: Family protection - proxy? James Fryman (Mar 30)
- Re: Family protection - proxy? ragdelaed (Mar 30)
- Re: Family protection - proxy? Adi Kriegisch (Mar 31)
- Re: Family protection - proxy? Anthony J Placilla (Mar 31)
- RE: Family protection - proxy? John Lightfoot (Mar 31)
- <Possible follow-ups>
- Re: Family protection - proxy? pg_vlad (Mar 30)
- RE: Family protection - proxy? Drake Gregory Cntr 868CS/SCNS (Mar 30)
- Family protection - proxy? Craig Wright (Mar 30)
- Re: Family protection - proxy? barcajax (Mar 31)
- RE: Family protection - proxy? Bill Diamond (Mar 31)
- Re: Family protection - proxy? secret (Mar 31)