Restricting Websites on PC

Discussion in 'Mac Basics and Help' started by VanMac, Feb 9, 2007.

  1. VanMac macrumors 6502a

    VanMac

    Joined:
    May 26, 2005
    Location:
    Rampaging Tokyo
    #1
    Hi.

    Sorry for posting here, but I appreciate the quality responses.

    My kids computer is a PC (till I upgrade it to a mac). My son likes to go online, but we only allow that when supervised. Sometimes it is hard to sit with him (time issues).

    Can anyone recommend a good solution to limit the websites he can go to. He logs into Windows XP under his own username. I dont need anything fancy, just something that can limit him to like Lego.com, etc.

    I have wireless network, and routers, and could configure those, but really just looking for something simple. Any advice appreciated.
     
  2. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #2
    I think in XP you would need additional software such as Surfwatch or Net Nanny.... I don't think there's any in-built feature.
     
  3. thejadedmonkey macrumors 604

    thejadedmonkey

    Joined:
    May 28, 2005
    Location:
    Pa
    #3
    MSN explorer might be helpful, or perhaps there's a firefox extension that would do the trick.
     
  4. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #4
    Also, my friend has a trick which even works on his (young) teenage kids: their PC's are connected to a separate router, which is on a household timer. They only have internet access at certain hours of the day.
     
  5. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #5
    Put a false DNS entry in the system, and put lego.com in the hosts file.
     
  6. eluk macrumors 6502a

    eluk

    Joined:
    Dec 14, 2006
    Location:
    East London, UK
    #6
    Using the hosts file would also be my answer as long as the list of permitted sites was not too great.
     
  7. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #7
    But isn't the solution to this as simple as going to the preferences and deleting the fake DNS from the list? Or is Windows relatively secure from allowing the user to do that?

    The router solution sounds like a good candidate, although I do have a question for both of these techniques...

    Suppose that the person were minimally allowed to go to two or three sites.

    When akamai or a similar product is used (as it is by many sites), not all of the web content is hosting from the lego.com or whatever. Won't all of this be completely mucked up by being so restrictive that only traffic from lego.com is allowed?
     
  8. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #8
    You can restrict a user's ability to change permissions. It doesn't take too long to sniff a list of sites and populate a hosts file, with someone who's restricted to a handful of sites, I'd just sniff DNS lookups for about a day and populate the hosts file from that.
     
  9. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
  10. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #10
    One would assume that a boy who is only allowed to visit sites like Lego.com (and is willing to put up with that!) is not going to be old enough to have the technical competence to delete fake DNS entries and host files.

    However, I have been proven wrong before. (We'll watch for the new thread on Macrumors soon... "Hi, how do I reset my DNS configuration so I can visit sites other than Lego.com?" :D)
     
  11. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #11
    A more complete solution is for a proxy server like Squid to be the only path out, then use something like SquidGuard and redirect them to the "Why are you trying to violate the policy?" web site, which is what I tend to set up for small/medium sized businesses who want the same functionality. There are specific permissions for settings, or you can hand them out via DHCP if you really wanted to- and you could ACL the DNS- but that's way involved for someone who's just trying to cage a minor.

    Kudos to him though- it's good to see responsible parenting online.
     
  12. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #12
    Was this product by any chance developed in a secret testing facility in a pineapple under the sea? ;)
     
  13. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #13
    Nope, AFAIK Squid was named way before there were trouser-wearing kitchen cleaning items named Robert ;)
     
  14. aj98 macrumors member

    Joined:
    Nov 16, 2006
    #14
    Internet explorer has some control build in.

    Run IE, then select Internet Options from the Tools menu.
    Click on the Content Tab, then click on the Enable... button
    in the Content Advisor section.

    The rest should be self evident.
     
  15. VanMac thread starter macrumors 6502a

    VanMac

    Joined:
    May 26, 2005
    Location:
    Rampaging Tokyo
    #15
    Hey All.

    Thanks for the great replies. I'll look into those IE settings. If that doesnt do the trick, the I'll look into host files or router config.

    My son is pretty good, and does not go anywhere where he shouldnt on purpose. I'm more trying to prevent accidents from happening.

    If however you do see a thread titled "I can only go to Lego.com"...please bring it to my attention. ;)

    Regards,
     

Share This Page