Options

Wifi Network: Blocking Adult Content

filkenjitsufilkenjitsu Member Posts: 564 ■■■■□□□□□□
in Off-Topic
I was looking for ways about how to generally block most adult content for users who connect to a WiFi network. My Internet searches have not been fruitful, but I found articles that mentioned business that do and do not block content on their WiFi networks.

Thanks for the help guys!

Over half of free WiFi hotspots don't filter adult content - Recombu
CISSP, CCNA SP
Bachelors of Science in Telecommunications - Mt. Sierra College
Masters of Networking and Communications Management, Focus in Wireless - Keller
· Share on FacebookShare on Twitter

Comments

  • Options
    ajs1976ajs1976 Member Posts: 1,945 ■■■■□□□□□□
    The meraki devices I have has a setting to block adult content but I have not tested it. Normally, I would expect to use that function on the router/firewall not on the wireless access point.
    Andy

    2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
    · Share on FacebookShare on Twitter
  • Options
    CoolAsAFanCoolAsAFan Member Posts: 239
    Couldn't you just use a firewall/proxy?
    IvyTech - AS CINS (Completed: May, 2013)
    WGU Indiana - BS IT Security         (Started: August 1st, 2013)
    Transferred: AGC1 CDP1 BVC1 CLC1 CVV1 DHV1 DJV1 GAC1 CIC1 CDC1 UBT1 IWC1 IWT1 TCP1 TJP1 TJC1 EBV1 WFV1 EUP1 EUC1 CJC1 UBC1 TBP1
    Completed: CUV1 BOV1 DRV1 DSV1 CTV1 CJV1 COV1 CQV1 CNV1 TPV1 MGC1 TXC1 TXP1 BNC1 TYP1 TYC1
    Required:     SBT1 RGT1 RIT1
    · Share on FacebookShare on Twitter
  • Options
    docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    I seem to recall cases where someone used a transparent Squid proxy and integrated a URL-based categorization engine, perhaps something like this:

    https://www.untangle.com/store/web-filter-conf.html
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
    · Share on FacebookShare on Twitter
  • Options
    DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    This makes me think of websence or any other URL filtering appliance. There not on the wireless but put either inline or via a monitor tap to look at the traffic and compare it to URL filter list.

    There are a load of companies out there with products like this, most have a centralize database that is downloaded at regular intervals. and they range from £100's to £1000's depending on features. Or there are even free databases if you look for them but I not sure what guarantee you have they are accurate.

    Checkpoint, Cisco and Websence are the three I have dealt with, however there are many more. If you only want to filter wireless traffic then thats simple to set up. and like every thing in IT there as many ways to skin that cat.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
    Linkin Profile - Blog: http://Devilwah.com
    · Share on FacebookShare on Twitter
  • Options
    QordQord Member Posts: 632 ■■■■□□□□□□
    I block them at home by using opendns dns servers. Not sure if that's a viable option for what you want to do, and there are definitely easy ways around it if someone is curious enough to search for it.
    · Share on FacebookShare on Twitter
  • Options
    --chris----chris-- Member Posts: 1,518 ■■■■■□□□□□
    Qord wrote: »
    I block them at home by using opendns dns servers. Not sure if that's a viable option for what you want to do, and there are definitely easy ways around it if someone is curious enough to search for it.

    Very cool stuff, I never knew that existed!
    · Share on FacebookShare on Twitter
  • Options
    filkenjitsufilkenjitsu Member Posts: 564 ■■■■□□□□□□
    Guys, looks like OpenDNS will be the option for me to use. I can setup the OpenDNS ips in any wireless router and setup the filtering at the DNA end. This is a free solution for home users.
    CISSP, CCNA SP
    Bachelors of Science in Telecommunications - Mt. Sierra College
    Masters of Networking and Communications Management, Focus in Wireless - Keller
    · Share on FacebookShare on Twitter
  • Options
    Cert PoorCert Poor Member Posts: 240 ■■■□□□□□□□
    You guys beat me to the OpenDNS suggestion. It's definitely the fastest "keep it simple" solution. To be effective, you'd have to block all other DNS requests from going outbound or tech savvy users can just override DNS settings.

    For everyone's quick reference, the OpenDNS FamilyShield servers are:

    208.67.222.123
    208.67.220.123

    Those automatically block adult content without any configuration or account needed.

    The regular servers are:

    208.67.222.222
    208.67.220.220

    I definitely like the built-in phishing/malware protection, so I've switched over my home devices to 100% strict OpenDNS. I don't have an account and don't see the need to do categorical filtering for my needs.
    In progress: MTA: Database Fundamentals (98-364)
    Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
    Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
    ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS
    · Share on FacebookShare on Twitter
  • Options
    EV42TMANEV42TMAN Member Posts: 256
    Hopefully the openDNS option works out for you, but just in case it doesn't here is a few other options.

    Meraki- Their wireless APs have adult content filtering and it works, but the access points are expensive and it doesn't cover the whole network, only the wireless network.

    Watchguard/Sonicwall/Cisco/Any Major Firewall provider- They all have services to dynamically block content and on all of them they are an extra yearly subscription fee. On Watchguard its called Web Blocker, on Cisco its called WebSense, on SonicWall its called... I can't remember because I hate working with Sonicwall firewalls, but you get my point.

    If it's for a business that has departments/people with different needs, I'd recommend the firewall approach because if gives you more granularity in the configuration and centralized management on it's implementation. The openDNS solution is more of a all or none approach that can be side stepped by manually typing in 8.8.8.8.
    Current Certification Exam: ???
    Future Certifications: CCNP Route Switch, CCNA Datacenter, random vendor training.
    · Share on FacebookShare on Twitter
  • Options
    filkenjitsufilkenjitsu Member Posts: 564 ■■■■□□□□□□
    Thanks guys! Very small non-profit with 4 to 10 users max at one time.

    No one tech savvy that should not have unfiltered access anyways.
    CISSP, CCNA SP
    Bachelors of Science in Telecommunications - Mt. Sierra College
    Masters of Networking and Communications Management, Focus in Wireless - Keller
    · Share on FacebookShare on Twitter
Sign In or Register to comment.