Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsNew Zealand BroadbandAny ISPs that run a watchdog style safe filter?
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
berend

62 posts

Master Geek
+1 received by user: 1


  #376435 4-Sep-2010 07:29
Send private message

Ragnor: As mentioned Maxnet and Snap offer filtering via WatchDog.

You should also implement content filtering at the gateway/firewall for the school, Sonicwall have some good stuff.


We already have a transparent proxy as we have a pfSense box connecting us to the internet. OpenDNS might be something, but I believe we definitely need content filtering. We're not dealing with adults here. We're also not dealing with kids who want to explore the boundaries, we just want to avoid people at school stumbling on content/images which would be inappropriate in a school setting.

But the suggestion to use a different ISP and still use Watchdog filtering is a good one. We're currently using Watchdog as our ISP, but have the feeling that they do not have enough qualified technical people to resolve issues.



1080p
1332 posts

Uber Geek
+1 received by user: 152
Inactive user


  #376459 4-Sep-2010 08:21
Send private message

I was about to suggest pfSense, I've just setup my own router using it and it is wonderful.

I think an OpenDNS filtering system could not hurt. Their blocklists are huge and encompass a massive portion of the internet because they are such a large organisation.

To become even more strict than that you may need to consider a whitelist only policy as blacklisting is always going to be a cat and mouse game with you being slightly behind the curve.

raytaylor
4076 posts

Uber Geek
+1 received by user: 1296

Trusted

  #376605 4-Sep-2010 15:22
Send private message

I would have also said something like pfsense. You can disable the dns port from all the workstation computers from connecting to remote dns hosts, and so they must use the dns server built into pfsense, which only forwards queries onto the opendns servers.

Kerio winroute firewall does a very good job with their built in filtering system.
It talks to the kerio people who look at all urls and class them, and you can set up your own filtering system. Does all the stuff pfsense does but will happily run on a windows xp home / pro box. Has an http cache too to speed up browsing and url filtering etc.

I use it for a few of our corporate clients. The built in reporting system is amazing.

Best thing is that you can set up a redirect so that if a student goes to a blocked site, you can redirect them to a blocked page, which using a php script can make a log. Then you can go and analyse students who have heaps of hits in the block log and take appropriate action.

Oh also i think the licensing is based on the amount of people online at a time - so you look at how many workstations you have, not how many students.




Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here



raytaylor
4076 posts

Uber Geek
+1 received by user: 1296

Trusted

  #377981 8-Sep-2010 19:51
Send private message

At my old school, the IT guy was a git and thought that by only allowing port 80 through the firewall, only web traffic would go through. Untill i changed the RDP port on my pc at home and just remoted into the pc at home to access things.





Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

dklong
167 posts

Master Geek
+1 received by user: 32


  #378584 10-Sep-2010 14:50
Send private message

Berend

I've used a combination of Squid with DansGuardian at home to provide a combination proxy server/content filter for the home network. DansGuardian is a bit of a bugger to get right as it's default config is 'very' strict... but slowly we have got the right balance.

By configuring the router to only allowing external access from the proxy box, you force clients to go through it and therefore have to abide by the rules. By-passing the proxy simply means they can't get out at all.

Obviously not as easy as getting an ISP to do it, but more configurable long term and allows content filtering rather than just DNS blacklists etc. Also supports erstricting file downloads by extensions etc.

Cheers

David




insane
3324 posts

Uber Geek
+1 received by user: 1006

ID Verified
Trusted
2degrees
Subscriber

  #378704 10-Sep-2010 23:58
Send private message

Ragnor: As mentioned Maxnet and Snap offer filtering via WatchDog.

You should also implement content filtering at the gateway/firewall for the school, Sonicwall have some good stuff.


Maxnet also offer their own 'netguardian' product which does a similar thing to that of the Watchdog filter, but it is fully separate. The watchdog filter is a two part setup I believe using both the same system that Maxnet use and then another device called whitebox? I believe.

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright