[vox][OT response] Article: A parent's guide to Linux Web filtering

Fri Jul 2 14:46:17 PDT 2004

On Thu, 1 Jul 2004, Micah J. Cowan wrote:

> (Couldn't figure out what text would be appropriate for quoting, so I
> snipped it all).
>
> I forgot to mention that the techniques I like the most are
> accountability-based techniques, where they don't block
> *anything*... but a copy of all logs are sent to someone who will
> review it (in this case, you). That allows you the opportunity to
> discuss what they are viewing and why.
>
> Unfortunately, the only realistic way to do this is have the ISP send
> the logs to that person; and I only know of one organization that does
> this (and they require Windows, which may mean that the logging is
> done on the client end, ugh). If you set up this system on the client,
> then it is vulnerable to the same disabling techniques that are a
> problem for filters.
>

Well, you could always drop an unroutable sniffer (no IP address, snip the
transmit wires, etc... think setting up a Snort box) on the house LAN.
Lock it up somewhere that the kid can't access (unless they take up lock
picking, which is a whole other subject). Have it record all web site
visits, etc that you want to monitor. Perhaps have it set up to dump the
logs to some removable media every hour or so. Then you could take the
disk to your workstation to process the logs.

This is of course a rather paranoid approach that I would probably rather
use to monitor all the computers in the house for worm/spyware/etc
activity rather than to monitor what the kid is doing. I think the OP has
the right idea about having honest (age-appropriate of course)
conversations with the kid about such things. You have to give kids
boundaries, but you don't need to use the electric fence approach at the
borders. In fact, being too strict without an explained context (and even
with it sometimes) really does often backfire in kids who are old enough
to regulate their own activities. It makes it seem like you don't trust
them to be responsible so you put up "spy" software. Being a person whose
parents trusted me to act responsibly as a teen, I can tell you I was far
better adjusted throughout high school and adult life than several of my
peers whose parents micro-managed them.

Hey, and if you do the worms/spyware monitoring approach, you could make
it a family project. Teach the kid a little bit about security and sys
admining while setting up the box. If you start young with the "worms are
bad, but here's a machine if you want to fiddle" approach, your kid will
be more likely to be a true hacker in the non-media warped context sense
and less likely to be a script kiddie. When I was a kid, my dad brought
home a machine and said "you put it together". He also showed me how to
make DOS boot menus, use hex editors, brought home an old set of spiral
bound manuals from some Unix flavor (can't remember which) and so on.