From owner-freebsd-questions Tue Jul 24 5:11:43 2001 Delivered-To: freebsd-questions@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id 5FB2E37B403 for ; Tue, 24 Jul 2001 05:11:34 -0700 (PDT) (envelope-from wmoran@iowna.com) Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f6OC7un17224; Tue, 24 Jul 2001 08:07:56 -0400 (EDT) Message-ID: <3B5D65E0.460B8B63@iowna.com> Date: Tue, 24 Jul 2001 08:11:12 -0400 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 Cc: Clayton Tycksen , freebsd-questions@FreeBSD.ORG Subject: Re: freebsd box as a porn filter? References: <000501c113fe$2fef08e0$1401a8c0@tedm.placo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > >> Dear FreeBSD, > >> > >> I'm relatively new to Unix. A good friend of mine has converted me to > >> FreeBSD, and I'm enjoying it. > >> I do have a question- as the administrator of a small network, I'm > >> wondering if it's possible to set up FreeBSD on a box and have it > >> perform filtering of pornography. I realise that I can set up a FreeBSD > >> box to perform packet filtering (although I still need to figure out how > >> to do that, exactly). But I'd like to prohibit nodes on our network > >> from viewing pornographic material, and a few other general websites. I > >> do not have an external 'router' per se - We have an ISDN connection to > >> our ISP (which does not provide filtering). > >> > >> I've looked at available hardware designed specifically for spam and > >> porn filtering for networks, but the price of the hardware is too high > >> for my small network of 15 nodes and 2 servers. You know, I wasn't paying much attention to this thread, but the solution is very simple. I've seen one client do it and it works fine. First, establish a written policy that work computers are for work, period. And establish a written policy for punishments for viewing potentially offensive material on company computers. This leaves nothing to be questioned. Then put up a squid proxy (which is a good idea anyway, for the sake of optimizing your existing bandwidth) and make it public that you're logging *everything* that people do on their computers, in compliance with the written policy. Then, after a month or so, do a text search through the logs for words like "porn", "sex", etc. Track down the IPs of who did it, and deal with them in accordance to the written policy. We only had to approach 1 person, after that, word got out that the policy was serious and we haven't seen anything in the logs since. It takes a very short amount of time to check the logs each month, and even less time if there are no violations. -Bill -- It may be that true happiness is nothing more than the ability to *always* know the right thing to say at the right time, whereas true misery is the state of perpetually saying to oneself, "What I *should* have said was..." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message