I was sure you could do it, but now I can't figure out where. I've got McAfee Personal Firewall and I use Firefox. Surely either one of those would let me keep my kids off Xanga and Myspace. Wouldn't they, Shirley?

I don't have McAfee, but on mine you can double-click the icon in the lower right to open, select Internet Security, Personel Firewall, Configure, Programs and then block specific sites.

In McAfee Personal Firewall Plus, you should be able to double click the Red M icon in your system tray. Then click the Personal Firewall Plus tab, and block whatever sites you want blocked.

The thing about myspace though is that you have to block all of their server URL's, including (but not limited to) mail.myspace.com, collect.myspace.com, groups.myspace.com, et cetera, et cetera, et cetera. They are each served by different IP addresses.

The only way to completely block an internet franchise like myspace is to deploy a filtering service like WebSense. It ain't cheap, either.

Mash here (www.websense.com)

I've talked to my kids. I've told them that I don't want them visiting places like that. They say they understand. I say I trust them but I'm checking up on it anyway, and that I know how. I'm bluffing (a little), but they don't know that.

McAfee (that I can see) only lets me block by IP address. How do I find that?

You could ping the URL. Open a command prompt and type 'ping www.myspace.com' (http://www.myspace.com') (for example) and it should return the IP address.

MySpace, by the way, is 63.208.226.41.

pinging the IP address sounds a little gay.

I'll try that. Thanks.

There's no way to feasibly block a site by IP address.

For example, pinging www.myspace.com:



C:\>ping www.myspace.com

Pinging www.myspace.com [63.208.226.42] with 32 bytes of data:

Reply from 63.208.226.42: bytes=32 time=93ms TTL=242
Reply from 63.208.226.42: bytes=32 time=92ms TTL=242
Reply from 63.208.226.42: bytes=32 time=93ms TTL=242
Reply from 63.208.226.42: bytes=32 time=90ms TTL=242

Ping statistics for 63.208.226.42:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 90ms, Maximum = 93ms, Average = 92ms

C:\>


Then pinging mail.myspace.com:



C:\>ping mail.myspace.com

Pinging mail.myspace.com [204.16.32.231] with 32 bytes of data:

Reply from 204.16.32.231: bytes=32 time=93ms TTL=242
Reply from 204.16.32.231: bytes=32 time=94ms TTL=242
Reply from 204.16.32.231: bytes=32 time=92ms TTL=242
Reply from 204.16.32.231: bytes=32 time=92ms TTL=242

Ping statistics for 204.16.32.231:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 92ms, Maximum = 94ms, Average = 92ms

C:\>


Then there's the collect servers, and the groups servers, and the forums servers, not to mention the bulletins servers or the video servers.

Just talk to your kids, Doc. Tell'em to be safe and that you always know what they're doing. They believed that you had eyes in the back of your head when they were little and they know you know what they're doing now.

Just tell them you'll circumcise their eyelids if you find out they've been on the sites.

http://www.netnanny.com/

http://www.cybersitter.com/

Just tell them you'll circumcise their eyelids if you find out they've been on the sites.

That reminds me of a joke. Which is so old, I have to tell it.

I knew a young man who was born with no eyelids. The pediatrician referred the fretful parents to a specialist, who said he could circumcise the youngster and use the foreskin to graft a new set of eyelids.

Everything went well except... the boy was a little c0ck-eyed.

Carry on.

http://www.soonerfans.com/forums/showthread.php?t=66818&highlight=foreskin

You can block by netblock, if you know how to go about doing it, and your software supports it. Of course, that requires you to learn how netmasks work...

(MySpace, for example, can be blocked as 63.208.226.0/24 or 63.208.226.0/255.255.255.0 . Xanga would be 209.66.88.0/24 or209.66.88.0/255.255.255.0 . These are subject to change though... If you're interested, I can explain it, but it's long and dry and it would probably be easier for you to subscribe to a service.)

Doc,

Also, if you can "block" it locally, if your kids have physical access, they can probably "unblock" it. You're going to have to figure out a way to prevent them from changing the settings; you may be able to do this by passwording all the admin level accounts and giving them their own non-admin level accounts.

(Of course, I don't know how McAffee really works, so that may not work so well)

Also, for what it's worth -- DO NOT try to just block by IP address. They change. A lot. www.myspace.com, for example, has four separate IP addresses.

You really need to block by netblock.

Edit your hosts file. (http://www.mvps.org/winhelp2002/hosts.htm) Most people won't be able to figure that one out.

McAfee's a funny name

Baning them from MySpace will just make them want to find out why. Talk to them and explain to them the dangers involved in a site like that. I would probably go the route of allowing them to set up a MySpace site on the condition that I get to monitor what they put on it and so on.

Baning them from MySpace will just make them want to find out why. Talk to them and explain to them the dangers involved in a site like that. I would probably go the route of allowing them to set up a MySpace site on the condition that I get to monitor what they put on it and so on.
Theories sound good until it's your kid your farting with.

I might check some sites out with them and discuss them, but mine wont open a site.

Edit your hosts file. (http://www.mvps.org/winhelp2002/hosts.htm) Most people won't be able to figure that one out.

yup. should handle failover and round robin IP's that way... i would imagine if you hit the host/site that they use for authentication you wouldn't need the rest

the only problem is that there are always going to be new sites that do the same thing, myspace, xanga, blogger, tagworld, soonerfans.com... and the kids will know about them before you do.


kids need to understand that people on the internet are "strangers" and you should treat them the same way you would if they call on the phone, or come up to you on the street

you don't tell them where you live, or your full name or enough info to find you or that you are home alone, etc...

seeing that lots of adults aren't even careful about such things, it doesn't surprise me that kids aren't either

Editing the hosts file is a good idea. That's what WebSense does at the enterprise level. But like Yermom said, it's a constant and vigilant effort. You're sort of stepping on a slippery slope of always monitoring and editing, monitoring and editing, monitoring and editing.

I turned Yahoo's safe search mode on. Only to find that someone else turned it off. Same with Google and Altavista. "Look," I said. "This has got to stop. Either you abide by my rules on this computer, or you just can't use it. I know what you're doing. I don't like it, and either it stops or your use of my equipment stops. What's it gonna be?"

i think that goes back to the public room computer thing, until they are old enough to handle seeing pr0n this is probably the best way ;)

My children are all female. They can never, evar handle seeing pron.

Not until I'm dead, that is.

my job is to keep her off the pole

I agree on the hosts file suggestions. Mine has about a thousand entries.

I can't keep up with that. It's like the struggle between the warhead and the armor. Eventually, the warhead will win the day.

The kids aren't supposed to get on the computer at all right now (both grounded from it for grades) but I bust them all the time. Really, it's only my daughter, I think. Neither are too computer savvy, so it's as simple as checking the history. There's about 30 minutes between them getting home on the bus and my wife getting home from picking up the Pre-K boys, and that's when she gets online. I bust her, she says she won't do it again, then she gets busted again a few days later (that's a recurring theme with her). It may get drastic, I may take the keyboard to work with me. I'll figure something out. Editting the host file sounds tricky. I'll read that article and see if it's something I'm comfortable with. Thanks again everyone.

put a password on the computer so she can't log in while you're not there.

My daughter has a Xanga site. The condition was that I had to have her password so I can check out what's going on. We've discussed at length what she is not allowed to say there...her name, where she lives, where she goes to school, where she plays soccer or even her soccer number. She's not allowed to put any pictures of herself up in a soccer uniform, either.

She gave up Xanga for lent, so it's time to start checking again!

Edit your hosts file. (http://www.mvps.org/winhelp2002/hosts.htm) Most people won't be able to figure that one out.
This was going to be my suggestion.

put a password on the computer so she can't log in while you're not there.

If I remember correctly, those Windows passwords were only for personal settings and getting around them was pretty easy.

i have mine set up that way. there's only one user and it's ME. if they aren't that computer savvy they won't be able to get around that.

If Norm's link was a little cryptic...

The "hosts" file is a file that your browser looks at before making the translation between readable URLS and not-very-readaple numeric IP addresses. So if it looks at the hosts file and sees that you have a specific entry for www.myspace.com, it will direct the browser to that ip.

Assuming you're on XP, the hosts file is located at the following location:
C:\WINDOWS\system32\drivers\etc

You'll see 5 or 6 files. One of them will be "hosts."

Open it up with notepad. After the last line, insert the following lines


127.0.0.1 myspace.com
127.0.0.1 xanga.com


127.0.0.1 is the IP for your computer. So basically it directs the browser to...nothing.

Then make sure your kids don't have admin privileges on the box. Well, I think...I'm not sure if access to the hosts file is blocked for non-admins, but it's something to be done anyway.

If I remember correctly, those Windows passwords were only for personal settings and getting around them was pretty easy.

this is true for Win 9X (including ME)

but Win2k and XP are much easier to lock down

it's possible with older versions, but it's probably not worth it

Just tell them you'll circumcise their eyelids if you find out they've been on the sites.
I've threatened to remove their thumbs, but I get the feeling they don't take me seriously. DHS probably would though. :(

Baning them from MySpace will just make them want to find out why. Talk to them and explain to them the dangers involved in a site like that. I would probably go the route of allowing them to set up a MySpace site on the condition that I get to monitor what they put on it and so on.
They know why. All their friends have web pages, so they have to. I can't make it occur to them that it could be dangerous, despite everything about it in the news. Kids are stoopid. ;)

And I monitor it, and it scares me.

You might want to check out Spector Pro (http://www.spectorsoft.com/products/SpectorPro_Windows/index.html).

It's for monitoring web activity (surfing, IM convos, emails, even down to the keystroke level if you want), and it also has site blocking capability.

Probably installing a monitoring software AND letting your kid know it's there and you're reviewing everything she does would be somewhat effective. Kids hate to think they're being watched. Of course, the downside to that is that you're encouraging her to go find other places to do things online that you don't want her doing.

Of course, the downside to that is that you're encouraging her to go find other places to do things online that you don't want her doing.
Most of the crap online comes from her friends' homes. Her friends help her put it all together.

There's about 30 minutes between them getting home on the bus and my wife getting home from picking up the Pre-K boys, and that's when she gets online. I bust her, she says she won't do it again, then she gets busted again a few days later (that's a recurring theme with her).

Once heard a comedian say the diff between raising boys/girls is that at least the boys will wait until your back is turned to do what you told them not to. I found that to be all too true! :eek: :D

Heh. The SpectorPro website is blocked by Websense here at work, because it falls into the category of "keyloggers". Heh.

I need to really have a talk with my IT guy. If he's gonna run Websense, fine, he just needs to take the time to, um, well, you know, actually configure the darn thing.

Heh. The SpectorPro website is blocked by Websense here at work, because it falls into the category of "keyloggers". Heh.

I need to really have a talk with my IT guy. If he's gonna run Websense, fine, he just needs to take the time to, um, well, you know, actually configure the darn thing.
Company firewalls are the succ.

Websense is teh devil.

Doc,

If you're using Windows 2000 or Windows XP, getting around passwords is non-trivial. It's not impossible, especially if they have physical access, but it isn't exactly "easy" either. If it's ME, 98, 95, or anything before, then don't even bother.

If she keeps getting on while you're out, then aside from ye old discipline, just remove a critical part of the computer before you go to work each day.

Yank the keyboard, for example. Or the monitor video cable. It's hard to use the computer without them. :) (Note that this is only a short term solution. Most of the parts you can easily yank are cheap and easy to replace. My parents once yanked the power cables; that took me about 10 minutes to get around. The keyboard was about a day; same with the mouse.)

Best option, really, is to get Windows 2000 or XP (if you don't have them), assign each member of the family a non-administrative username and password, lock down the admin account, and go to town with firewalling (or the hosts file thing).

(I would recommend learning how netmasks work; once you do that, you can learn how to use the "whois" utility, and block the entire address space of any given company, and that changes only rarely due to administrative and technical difficulties)

i guess there is always the BIOS password as well

unless they are willing to open the case and defeat it that way, but you will be able to tell if the BIOS password has changed ;)

If XP's password is better than the old Windows passwords, then I may try it. I'll probably try the host file trick first.

I recommend a leather belt.

Properly placed, it will prevent them from accessing the website.

one of the things that irritates me about all these content filtering sites is that it doesn't allow me to do what i really want to do -> block everything except for a few sites that i allow.

what i did to handle this was create a proxy script on an inbound web server that will only allow access to a few sites -> nick jr, noggin, nick, etc. it goes inbound dsl to the webserver to the ethernet ports that are wired into the house. their pcs (and the wireless modem) are on those ethernet ports with their browser configured to hit the proxy server (no connection without the proxy script). the web server accepts the request, validates them against AD, logs the request, does a regex search of the allowable urls and then either denies or allows them to view it. i'm playing with a script that will proxy record im chat logs, but i'm not in that much of a hurry as they are blocked for now.

the biggest issue with the above is that its expensive as crap (unless you worked at msft and got a free msdn license) ;). you can build a unix box that will do it much cheaper as they have an open source trap called toms something.

one of my business ideas was the code the above logic into some firmware for routers so that parents could have something they could control in a piece of hardware (though it doesn't prevent someone from just plugging their ethernet cable straight into the wall...)

I created a page for my 4 year old. She doesn't type in addresses yet.

127.0.0.1 is the IP for your computer. So basically it directs the browser to...nothing.


Unless you have IIS or Apache running on the local machine... ;)

yeah, be sure to disable your pr0n server before doing that :D

Unless you have IIS or Apache running on the local machine... ;)
Well I'm figuring that someone running a web server probably already knows about the hosts file SMARTARSE!!!
http://img70.imageshack.us/img70/1526/haggis7ca.jpg