Internet Content Filtering over wireless network

Does anyone know of any products that can handle this job?

The network has a DSL router connected to one of the NIC's in the server and the other NIC has the WRT54G wireless router connected to it. There are about 6 nodes that connect up with PCMCIA wireless cards. The internet connection is shared using ICS. My client would like content filtering. I have tried Cybersitter but it doesnt block sites for the wireless nodes. I see that McAfee do a Wireless Internet Security Suite but looking into this all it has is a block by URL function, which in less i can find a list of all p*rn sites and so on it will be no good to me.

Any suggestions?

Thanks in advance

Reply to
browser
Loading thread data ...

You could use a captive portal. A captive portal would sit in front of the WRT54G. Routing, and filtering, would be done with the CP and the WRT54G would be used just as an access point. (The CP would be connected to one of the WRT54G's LAN ports, not WAN.)

Besides filtering, there is a whole range of things that can be done with a CP. CP's are how "pay sites" use web logins for wireless access.

Best part, there are quite a few free CP's at there. I use ZoneCD, with DansGuardian, for filtering a completetly open SSID. Works great.

formatting link
There is another free one called "Chilispot", which seems to be very popular, also. I haven't messed with it yet.

Reply to
Eric
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

SonicWALL products have optional content filtering.

Reply to
John Navas

Depending on your specific needs DD-WRT (an alternate firmware for the WRT54G) provides some filtering ability. If your WRT is pre-version 5 hardware, this might be worth taking a llok at.

fundamentalism, fundamentally wrong.

Reply to
Rico

Thanks for the advice.

Eric - I have downloaded and will see how it goes, just one question im hoping you may be able to answer: Do clients have to log into the system before accessing the internet? And you say you have a completly open SSID. Does ZoneCD have better or equal security then WPA?

Rico - What sort of content filtering does it do? I suspect URL or IP filtering....Is there any company that sells an updated list of tyipcal "unwanted" sites that you know of?

Reply to
browser

I have truthfully not pursued the issue enough to give you a good answer. I just know I have seen the subject in the documentation for DD-WRT. I suspect it is a sort of url filter that would fetch it's list from a computer on the LAN. I'm not trying to say this is the perfect answer for you, just suggesting it might be worth a few minutes of your time to pursue. It looks like it could be a reasonable and cheap way to go given your existing hardware. Might turn out to be completely not what you need. Remember too that there is no way to completely block p0rn from your network if users really want to waste the time. The p0rn crowd just adds new urls and header meta tags etc with each new attempt to block them. Much like spam as soon as one way to filter it is worked out, the spammers alter the spam.

formatting link
fundamentalism, fundamentally wrong.

Reply to
Rico

They don't have to do the web login. It is simple a feature that can be enabled or disabled. My open SSID is completetly open by choice. My web login is simply a "splash screen" disclaimer and a requirement for anyone connecting to enter "OK" before being given access. In your case, you would certaintly want to continue using WPA for security at the hardware level -- and encrypting everything in the air.

After writing a previous PocketPC reply, another idea came to mind. A software proxy server (with content filtering) should also work, if you don't want/need all the stuff in a captive portal. Same drill as the CP: it would be in a computer with two NICs before hitting the WRT54G.

Doing the proxy route, you may even be able to get away from not having to dedicate a PC completely to it -- like you would with a CP. It would, however, be the "Master PC" -- so needs user or even physical restrictions. If anyone gets into the "Master PC" proxy, the whole network will be back to downloading p*rn again.

Reply to
Eric

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.