Kyle <k...@attitia.com> writes: > well, tonight was certainly an eye opener. So, ok, I apparently need to > implement some form of Net Nanny software and pretty damn quick too.
As I say when the same issue comes up in a business context, this is a social problem and technical solutions will only get you this far: "". > Can anyone recommend some form of package-based (Ubuntu for the local machine > or CentOS-RHEL for the gateway) Nanny software pls? I really need something I > can just install, do some form of basic (I mean BASIC) config and it will keep > itself uptodate with regular machine updates. I really haven't got the time to > learn some heavily convoluted new package. > > What are my chances? Do you want to pay money for it? http://dansguardian.org/ The software is free, but I don't know of any well maintained blacklist that provides filtering of the sort you are likely to want. The commercial options, found on the site, do however.[1] Personally, though, I would solve this in a different fashion: social control, aided by small technical assistance. Specifically: Assuming the problem user doesn't have root, and doesn't have a sensible way to get it, configure squid, and use a firewall to block any outbound traffic except via that proxy.[2] Then read the logs. Make it known that this has happened, and that you /will/ be reading the logs. Do it. Look for proxy sites and HTTPS access, too, not just the immediate sites, because eventually they will be tested. Just read them every now and then, or grep them. After the first month or two you don't need to be thorough. Personally, I would have something schedule a *random* check between three and fourteen days from now, and repeat that every time. Genuinely random, so you can't be gamed. That should sort out the local stuff, at the cost of whining about games and IM that are no longer easy or pleasant to use. Um, and assume that this is going to get worked around anyway, because there is always a way around it. For example, a friends house, a USB stick, or a suitable Internet cafe, or the school network, or... Daniel Footnotes: [1] ...and, perhaps, a free option has sprung up. [2] Even with this you will find that, for example, -- ✣ Daniel Pittman ✉ dan...@rimspace.net ☎ +61 401 155 707 ♽ made with 100 percent post-consumer electrons Looking for work? Love Perl? In Melbourne, Australia? We are hiring. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
