Slashdot Mirror
What Advice For a Single Parent As Server Admin?
Dragon_Eater, with "lots of experience setting up PCs and a passable knowledge of Linux but severely lacking in the server/client department,"
writes with a situation that probably faces a lot of parents:
I want to set up three kids, 12, 14, and 15, with newer computers so they will stop fighting for time on the one ten-year-old Dell they share now. I can get the individual computers and a server put together without any problems, but the computer-handicapped single parent needs to be able to do the following via an simple application/web page: View client computer status, On/off, sleeping etc.; Deny Internet access, not LAN, just the web; Schedule time usage of computer, ex. 7 am to 10 pm on school nights etc.; Force log-out and/or shutdown of clients, for grounding purposes; and Apply some kind of firewall filter for blocking undesired web content. And as the administrator for this network I would like the following options: Remote virus scanning of client machines, or scheduled task; Some kind of hardware monitor, high temp / fan speed low etc.; and Email alerts for various log files / alarms.
Given the lists above I am thinking about a Linux-based router/server machine and running Windows on the clients for game compatibility. I also know that a server and network boot client is possible but not sure where to start on that one."
you got a whole deal of connectivity/administration project there. quit your day job.
Read radical news here
Most of what you described can be done with a decent modern router. The hardware monitoring is a bit overboard, logs will tell you what you need to know in the event of a disaster. The force log out could be done via router too, just deny internet. Alot of this can be done with very little technical effort and more parenting skill. Most of this is going to take a dedicated person to monitor it over the course of the installation.
Good-bye
It's amazing what kids can figure out when it comes to getting by the restrictions their parents set forth.
They're going to learn about networking, proxies, virtual machines, ip spoofing etc. All because they want to get on Facebook. Which they will.
this is really easily done! 1) talk to your kids, be a real parent!!! i don't think you'll ever have a case where little billy gets in trouble at 1pm and you need to disconnect his computer rights from work. 2) if they need to be punished unplug the computer and take it away. 3) have admin rights to their computers so you can keep tabs on what they're doing and can't hide anything from you.
problem solved.
next.
the simplest and most effective block is to go over and shut the computer off. Take away the computer if you have to (or just the cords if that's too much trouble).
The person does not know how to do security...
Here is the problem. Kid A.... "Parent parent parent I need to get a project done and you shut down my computer at 10PM. And if I don't get this project done I will get an F!"
At this point the parent's security is blown to bits because they need to make an exception. And how often will this kid say, "parent parent I have a "project""
The easiest way to answer this is as follows:
1) Own the route to the Internet. That means you give or deny access to the Internet. Kids loose interest REAL quick if they can play with the Internet.
2) Let the kids have access to the computer anytime they want. WITH the exception that you can remotely log in at any time. Install VNC server and periodically log onto the machine and see what your kids are doing. Yes it is big brother, but it also keeps people honest when they know you can log in at any time.
3) NEVER give out the password. And that means you as the parent need remote access to the home network. Because imagine being out for the day, kid comes home and needs access to the Internet. They phone you, and unless you give them access you are going to have one angry kid. Thus make sure that you can remotely access your network, make the changes and move on...
Otherwise the rest is silly and life should be fine...
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Where to start: Scrap all your ideas and start over.
Yes, everything you asked for can be done. The reality is though is that, with the amount of complexity you are asking for, you will be a full time sysadmin for them - you might as well quit your day job now.
Your setup is simply too complex for a non-techie (and to be honest, as a techie, I don't want to have to admin something that complex at home). You need to stop asking "can I" and ask "should I?"
Windows PCs joined to active directory can let you manage them, set logon hours, etc.
Why do you care to know if the PCs are sleeping/on/off/whatever?
A router running DD-WRT will let you deny internet access based on hours and/or PCs in a simple manner. To be perfectly honest, I hate the concept of internet filtering (by parents or otherwise) as I believe it is another step toward turning people into drones, rather than teaching them to think for themselves, so I'm not even going to offer any suggestions on that subject.
I agree with the other posters, the system you have suggested will end as follows:
1. The kids will learn how to hack around it. This can be a good thing or bad thing, depending on your point of view
2. The system is so complex it will never work and the parent will never use it as they have no clue
3. You will grow to hate it as it will take too much of your time.
We use a program called SynchronEyes which does most of these things, allows you to see essentially thumbnails of what each machine is doing, see its status remote on/off etc. It's Windows only. I see they've changed their product. It's called SMART Sync now. I don't see pricing which is probably not good. Here's a link
It's a pretty front end for VNC like functionality which would be free/oss but nowhere near as easily set up (but I'd wager largely what people will say since you specifically mention Linux and Windows and it works on both). I'm not really an expert on this part, but SychronEyes has worked well, after I added it to a custom Ghost image for that lab and set the clients to use hostnames instead of usernames for identification. It might be overkill for what you need though.
Only XP era games "need" administrator access.
Learn to configure/administer virtualization. You control what gets on the box, and "never" have to worry about permanently hosing the machine, even if they have administrator privileges.
Sounds like he needs a firewall machine to regulate internet access (But I can't think of any prepackaged firewall software that will not require work to configure/administer). He could order up win7 ultimate as a central server, doling out usage rights to the clients, managing access to the OS disk images.
There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
Seriously! Just stop!
1. You either come up with a "normal" computer usage policy, you know, talking to your kids about stuff like porn, sex, appropriate computer policy in your house (better not be too strict on this one :P), purpose of getting them the computers, internet privacy, etc, or,
2. don't and the kids will get to all the "inappropriate" places anyway and may get you into more trouble than you ever imagined.
Frankly, you can't "filter" porn. If someone wants to get it, they will. Maybe this is one of the good sides of internet porn - parents forced to deal with sex-ed of their kids. Although most go the "easy way" and pretend it doesn't exist - "but I installed a filter!!"
Second, I would be much more nervous about insisting that your kids DO NOT use any of the file sharing software without prior permission, on case-by-case basis. Explain about the MAFIA, I mean, MPAA and the like on their lawsuit campaigns.
Regardless, your solutions are *parenting* human solutions, not technical ones.
I'm doing something similar but in our family, we've got a 7 and an 8 year old and a 3 year old, so it's a different "ball game".
In our situation, I don't bother trying to put Linux on any of their machines. I've found that for the younger kids, the vast majority of their time spent playing anything Internet/web-based involves Shockwave Flash based sites (or sites using other proprietary 3D player plug-ins). Unfortunately, nothing runs this stuff quite as well as either a Windows XP (or later) OS, or a newer Mac running a recent version of OS X.
I found a free add-on for Firefox called Kidzui that was pretty nice. It basically turns the browser into a "kids' browser" that has a "home page" with good suggested sites for them to visit, and lets them click and explore around in a big collection of known "kid safe" web sites. Basically, it doesn't allow going anyplace except sites they pre-approved, but they make the whole experience feel like the kid is just getting around the net without restrictions. Additionally, it can email the parent weekly stats on the sites they spent the most time using, etc.
If you're using a Mac, OS X has pretty nice parental controls built into the OS for things like not allowing use of the machine after certain hours. I didn't find Windows had nearly as nice of capabilities for that, out of the box (though Windows 7 was closer than any previous version of Windows to offering it).
Honestly, I'm not that "sold" on putting forth the effort of setting up a lot of centralized administration and maintenance for the machines on a small home network (like for 3 kids). You may as well put free anti-virus/spyware software on each computer and let them auto update themselves independently. The products that support centralized management of the AV software tend to be expensive and/or buggy. (You get weirdness like one box that gets out of sync with the server console, so you have to mess with things to get them to both be on the "same page" about the workstation's status again.)
If anything, I think it'd be worthwhile to image the drives of all the machines, once they're freshly set up with the OS and applications and configuration defaults you like. Then, if one gets screwed up, you can just wipe its drive and re-image at will from your network server. Typically, on a kids' PC, they don't have that much important data to worry about losing anyway. If they're doing most things on the net, the sites they use are saving their high scores, user profiles, and such.
... forget the techie crap, and try spending more time communicating with your children.
I'd rather have a kid who I know I can trust to turn off his PC for the night, than have to rely on tech control and surveillance.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
As a parent, you are supposed to exert some control over your children. That is why they are called children... That are not yet adults, and are not yet expected to show adult responsibility.
Yes - and you exert that control by talking to them, occasionally looking over their shoulder and showing them some amount of trust, not by installing a totalitarian regime in your home. Technology does not substitute for parenting.
Ubi solitudinem faciunt, pacem appellant.
It's a little over the top but parents are supposed to keep an eye on what their own kids do.
At least that's the reply whenever parents try to foist that particular burden on society rather than do it themselves.
Where N is the number of computer users and you want them in a shared space, not in each child's room. Providing each child a personal computer, especially in his room, is a guarantee that any kind of interaction between you and your kids and between themselves will end. Ensuring computer "scarcity" will force you and, more importantly, your kids to interact with each other. It may even force you and your kids, gasp, to share a computer.
This also has a couple side benefits:
1. There are no "secrets" on the computers so you have no need for the tight monitoring and/or policing you seem to think you want.
2. Virus infections become a shared painful experience with obvious lessons being learned on how to avoid it the next time.
HW monitoring is kind of pointless as it won't tell you anything.
This only leaves you with a couple problems to deal with:
1. backup - there are plenty of backup solutions out there. Generally, you'll want some kind of external drive setup with automated user data backups.
2. virus recovery - If you like anti-virus software, use it. However, you should probably also keep a fresh install method handy so you can simply re-install without having to deal with the mess (this is where a good backup becomes very important). Taken a step further and to save lots of time you could have all your machines running VM hosted Windows images. Then when one of the images gets infected or otherwise "goes bad" you simply revert to the latest and greatest clean VM image (user data backup is still very important).
Both Windows 7 and OSX have parental controls that enforce usage times in a per-account basis, which apps can be run from these accounts, which sites can be accessed, etc. I have been using these with OSX (a good write up at http://theappleblog.com/2009/01/13/kid-proofing-a-mac-with-parental-controls/) with my 11-year old autistic boy and they couldn't be any simpler. He can only log into the machine at certain times, and I have the option to set a maximum session time per day. He can only run apps that I approve, and can go to sites only if I explicitly allow them. The bad news is that, at least in OSX, Firefox doesn't respect the parental control settings (Safari does it fine).
I checked with Windows 7 and the parental controls seem to be pretty similar. More at http://www.microsoft.com/windows/windows-vista/features/parental-controls.aspx
My only real annoyance is that Youtube doesn't have real content rating, which makes it a pain to filter properly. My son loves to make balloon sculptures and is always checking for new video tutorials, the problems is that while looking for these, he runs into the videos of the balloon popping fetishists. One second I am hearing a video explaining how to twist balloons into a roadrunner, next I hear a 300-pound woman in a bathing suit giggling and sitting on balloons to pop them. Gross.
Pedro
----
The Insomniac Coder
There are products you can buy that are normally used in businesses, that allow you to do key stroke logging, remote snooping the screen, etc. If you're as paranoid as the business that use these tactics on their workers then I'm you can find them with the Google. I don't expect they will be cheap, and they will require a lot of setup, you'd also have to do this away from home for obvious reasons. But if you mistrust your kids that much already I'm sure you're prepared for that.
This sort of thing sounds like it's right up your alley: http://www.softactivity.com/
Of course as pointed out above they can be circumvented with the Google too, often by the simple expedient of going to a library, or a friends house. You could of course spy on them there to, by bugging their phone, though of course if you follow down this route you'll work out that locking in their room, and home schooling them under armed guard is the only rational choice. What you're going to do in a few years once they leave home and become adults, (so called) is a different matter.
You could of course just lock them in the basement.
Never said it did. But occasionally you have to clean the house, cook dinner, go to the bathroom. Not all of us have the leisure to hover over children all day. Especially a single parent, as referred to in the post. This is just a gateway, not a solution. It will never be perfect, and it will require an attentive parent. I would also say keep ALL of the computers in the living room. With less privacy, they are less likely to "cheat" the filters. The old "Daylight is the best disinfectant" sort of thing.
I remember when I was a teenager.
My dad added a power on password on the basis that he utterly detested games.
The problem was he didn't even give it to my mother.
Of course one day I actually needed to print something in a fucking hurry and he couldn't be contacted so I solved the problem with a screwdriver and the motherboard manual.
Which brings up the problem of physical access.
All the software in the world is pointless if the teenager can simply swap some network cables.
virtualization will kill any game need a video card better then a basic 2d one.
This does most of what you want out of the box.
There is a nice admin interface where you can create profiles based on day of week, per MAC etc. Block certain keywords.
But if you don't put any barriers in how shall they ever learn about proxies, address spoofing, packet sniffers and all the other wonderful things involved in defeating technical parental controls?
What they NEED to do is supervise what their kids are doing - not leave it up to the server - the kids will get around that SO quick.
All you're doing is giving a false sense of security.
Put the computers where the single parent can SEE the kids using them. And they can see each other. If you start hearing lots of giggling, check to see if they're looking at porn. Also, the kids will snitch on each other if they can see what they're doing.
I am having a laugh riot at the idea of a household consisting of a single parent, a 12 year old, a 14 year old, and a 15 year old being run as a democracy.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
I'm losing some mod points by posting this, but I didn't notice the ages here -- 12, 14, and 15? Let them have some old/spare computers if they want. Show them where to download a virus scanner and tell them that if they break anything, they have to fix it. I don't see what the issue is here. They are going to have homework the requires the Internet anyway, so shutting down access after 10pm and in the early morning is just going to hurt them. By the way, my middle and high schools implemented strict filtering schemes on their networks. We had to put a fair amount of effort into getting around them *not* because we wanted to browse facebook/myspace/b/ at school, but because we often did research for our essays on school computers, and we wanted actual, balanced evidence, rather than the limited and biased crap that the filters let through.
This is one area where Linux amazingly has been lacking. Home Domain Controllers. You can create a home domain controller with features Windows has never dreamed. Its just really really, really too hard. There needs to be a Home Domain controller Application added to most Linux Distributions.
Mandriva comes close to this with the ability to setup fully functional Samba Domains stand-alone only. But if you try and configure OpenLDAP, Kerberos, Squid, FreeRadius or anything else, it becomes a time vampire to get it all working right. And its not that the software is buggy. Its that often, the software is configured badly, and not at all.
https://qa.mandriva.com/show_bug.cgi?id=58653 Take a look at this bug I filed.
[...] if you had a Windows Domain Controller. That's probably outside of your budget. [...]
Some linux-friendly routers will allow you to run a Samba DC on them. Samba 4 supports Group Policies. It is marked as not being production-ready, but it should be safe enough for a home network. While you're at it, the same Samba could provide printer sharing for all the machines.
(Not that I believe that Group Policies can replace proper parenting, though. Using technology to solve social problems seldom is a smart idea.)
Rudolf Hess edited Mein Kampf. He was the very first grammar nazi.
You can setup compatibility mode and run only the game as Administrator, without letting the user login as more than a Power User.
Or use Filemon/Regmon. Figure out what files/registry keys the game needs Administrative control over and grant it only the permissions it needs.
Also, run Windows 7, not XP. It has some backwards-compatibility features such as registry/file redirection which makes some things that required admin on XP not require admin on 7.
Keeping an eye on your kids is not the same thing as having a totalitarian regime. I think that logging what your kids do and when is completely acceptable. Whether you reveal this information to them or not is a different story.
When I was a teenager, I got in all kinds of mischief. It turns out that my parents knew about pretty much all of it, but I did not know about this at the time. They didn't interfere unless they thought that I was getting into something over my head... like when I became very depressed, for a long period of time, and I bought myself a bottle of sleeping pills. That was an important intervention.
Children have no right to privacy. Teenagers chafe at the idea, of course, but the fact is that they are children, and good parenting means making decisions that are in their best interests, not their greatest desires. When they're able to weigh their actions with the consequences of those actions (i.e., becoming an adult), then they get privacy.
When your daughter starts googling birth control, it's time to have a chat.
the computers he's trying to administer are like 10 feet away from him.
Not necessarily. Single parents tend to have a job.
So you are ok with your kids being on AIM all day looking for older guys who make them feel special? Or surfing porn all day? Or, even doing what you want and accidentally running across goatse guy? He's not looking to be the gestapo. He's looking to have some basic protections in place to protect his children from the unsavory parts of the Internet, and to make sure that they don't abuse the priviledge of having a computer in their rooms.
Sure, he could fix this by doing what he does now, having one computer for all three in a public place. But he's trying to improve their access, not limit it. And he just wants to make sure that improvement isn't abused.
Learn to love Alaska
"Children have no right to privacy."
You forgot to prefix that with "In the US"...
Ezekiel 23:20
I hate to sound like an ass, but if you're so scared of what your kids are going to do when you leave for 5 minutes, you're not doing your job as a parent. If they're 2, sure, hover over them - my brother got into our fireplace and covered with ash, as well as took every big sharp steak knife out of a childproofed door in about 30 seconds of 'not there'.
But if your kids are old enough to use the internet, and you're seriously worried they'll burn the house down while you're in the can - you and your kids have a problem that a firewall won't fix.
My parents raised me with the assumption that I wouldn't pull any stupid shit, made sure I knew what was stupid, and made me dislike coming off as stupid. That's really all it took.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
Have you ever tried just turning off your TV and your computers, sitting down with your kids, and hitting them? - bender
Number one priority is figure out the exit plan.
In "about three years" by yer own figures, the oldest is going to be utterly and completely totally free, at college or whatever. In less than a year, total freedom for limited time periods behind the wheel, visiting stores and other peoples houses, etc.
Building a better cage is not going to help the kids relate, when they're finally released/paroled into society.
Which kids have the biggest problems at 14? The kids of "anything goes" parents. Which kids have the biggest problems at 19? The kids of overprotective parents. On average, 14 year olds can get into less trouble than 19 year olds. So, teach them responsibilities of freedom at 14 with your guidance, not 19 and alone.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Parents should be the ones making these decisions instead of the government (Australia anyone?). This goes to the heart of the argument regarding censuring content and who's responsibility it is to decide. Adults should be able to decide for themselves and parents should decide for their kids. It is up to each parent to decide what is and is not appropriate for their kids and to determine the best way to do it. Saying that the poster is enforcing fascist policies on his/her kids is the same argument that a government uses when trying to implement censorship laws on its citizens: you know what is better for them more than they do.
As for the technical question: Most of what you want to implement can be done through an off-the-shelf router that has had the firmware flashed with DD-WRT. You can set up individual profiles for the MAC address of the kids laptops that limits the times that they can access the internet, and when you ground them you can disable access completely via their individual profile. It also has some VERY basic web filtering. You have to have/buy a router that is supported by DD-WRT, but you can get one pretty cheap. The ASUS 520GU is supported and it usually can be had at NewEgg for around $40. If want more robust web filtering you can set up a linux server and run Dan's Guardian & install Nagios for hardware monitoring.
The thing is, the requirements are extra-detailed and a little anal, which make them seem over-the-top, but they basically boil down to:
(1) Restrict internet usage to normal times so the kids don't stay up until three am on a school night. Reasonable.
(2) Revoke access as a punishment. Kids have been getting grounded for how long?
(3) Block access to some sites. Entirely reasonable if you're talking really bad sites or malware infected stuff. It doesn't necessarily equate to some active proxy reading their facebook posts. Besides, I'm sure the kids don't want to see goatse any more than you.
I'm sure plenty of good parents keep guns in a safe and liquor in a locked liquor cabinet. Obviously a gun or booze is more dangerous than the internet, I'm not trying to equate them, but there are advantages to a layered system of trust. Technology and good parenting aren't mutually exclusive.
Can you construct some sort of rudimentary lathe?
OS X will do pretty much everything you've asked for, with very little work. You can use parental controls to create a whitelist for which programs and websites are allowed. You can restrict account access to specific times and days. You can use ssh or vnc to connect to each machine to remotely administer it. (OS X has a very nice, fast, VNC client and server built in.) You don't need a virus scanner, since there are no viruses in the wild for OS X. You can prevent installation of additional programs. Automatically limit access to adult websites. Restrict who they can mail and IM with. Limit computer use to a certain number of hours per day. Log what they have been doing. Receive e-mail requests to add additional websites, IM users, etc. so that you can confirm additions without having to use their computer. And if you install the istat pro widget, you can monitor all of the computer's hardware sensors, which will give you all of the rest of the info you asked for. VERY easy to set all of this up.
I think he's lacking in some other department too. From the POV he's talking about, he's just going to make bypassing the technical restrictions a game to his kids.
;) ) Dictator at home.
It's like a boss spending megabucks on technical solution, when he should instead make control of employees mainly a management thing that's aided by cheaper and less elaborate technical solutions.
If Boss just puts up expensive technical controls, and is not known for enforcing policy, he's not going to get compliance.
If the boss is known for enforcing a policy, he's going to get compliance with that policy, even if the boss is not in all the time, and the technical stuff isn't that elaborate.
Sure have some blocking and monitoring, but strict restrictions are counterproductive, maybe the kid/employee really does need to use the computer to do homework/work.
e.g. "Force log-out and/or shutdown of clients for grounding purposes". "Schedule time usage of computer, ex. 7 a.m. to 10 p.m. on school nights etc.;"
If they can't use the computer at home, they could go out if you're not around. If you're around to stop them from going out, you're around to stop them from using the computers[1] or using them in ways you don't want to use them.
Once they make it a habit of going elsewhere to use the computer, your technical stuff becomes useless.
You just need to know what's going on, and to block certain sites as part of showing you _really_ care what they are up to (you have to prove it in other ways too).
[1] You're the unelected Benevolent (hopefully
The parent is described as "computer-handicapped", so let's put it in terms he or she will understand: Consider, instead those old-fashed toys of yesteryear. Or consider the TV which many kids of my generation had in their rooms.
Could you imagine a parent asking that his children's toys will automatically stop working on 10pm? Or that his TV cannot be turned on when the child is grounded, or perhaps show only certain channels at certain times? Or the toys checking themselves and letting the parent know when one of them gets broken?
This is all ridiculous, of course. With toys and TV you simply couldn't even imagine doing this. With a computer you can *imagine* doing it, but it doesn't mean it makes sense to do it. A child will always find ways to break such technological rules, especially if the parent is so-called "computer-handicapped".
In college they will be using Macs, and people of their generation overwhelmingly use Macs, the skills will be more beneficial than learning Windows.
I would love to see something to support this. I was on a university campus this weekend and I was curious about this myself. I actually counted PC vs Mac as I walked around and at best Mac was 20%? While I won't argue that Mac is gaining ground I would say a blanket statement like this is not quite correct. I think learning and being comfortable with technology is more important than learning either the Windows / Mac / Linux way to do things.
Also many of the implied exclusive features are built into windows as well? Lastly, um Steam I shall quote from https://support.steampowered.com/kb_article.php?p_faqid=98
"The Mac version of the Steam client will be released in April, until that time we will be unable to provide support for Mac issues.
For more information, please read the following news post:
Valve to Deliver Steam & Source on the Mac
Please note that not all Steam games will be available on the Mac client. Availability will be determined on a game-togame basis."
Right now Steam runs 0 of the games and who knows what the future holds there.
Hoyty
I agree but one should still be able to review logs of places the kids (or their friends) have been. I'm their parent, not just their friend.
I'd suggest that if you're only having the chat after your daughter starts googling birth control, you've probably left it a little late.
AND, to continue singing the praises of ClearOS as the perfect solution to the server/gateway side of OP's requirement, it includes among other thigs:
- an email gateway/server
- proxy server with content filtering
- protocol filtering (mommy/daddy can limit those pesky torrents or set up time based filters to gaming servers) He could even give some protocols bandwidth priority at certain times of day - more gaming over weekends, more http at other times.
- shared folders for users
Heck there are tons of features, some not really needed but others perfect.
and lots more. ClearOS would be the best to use, also there is an active forum where OP can ask for assistance, and $singleparent can sign on for help.
Heck OP can log into the server remotely and assist with any issues requests that might show up.
Seven Days with Ubuntu Unity
Electronic bullying can result in teen suicide. Young kids seeing terrorists cut the heads people can be disturbing. I can think of lots of things on the internet that can be as dangerous as a table saw.
I'd suggest that if you're only having the chat after your daughter starts googling birth control, you've probably left it a little late.
This. Would you also read her diary? Both of those is extremely intrusive and will take them about 1 minute to get around. I suggest a simple firewall to block certain sites and you unplug the internet cable to the router locked in your closed after hours. For grounding you take their flat screen monitor away. There I just saved you $600+ and hours of administering
I could make my own Ethernet cable (with a screwdriver as the only tool no less) when i was 12.
...but to make up for that, your parents could sleep comfortably in the knowledge that you were unlikely to become a teenage parent :-)
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
While not a beheading, I see goatse all the time without explicitly searching for it.
Well, I would if I didn't recognize a bad link for what it is. But sometimes the trolls are just a little more clever than you expected that day, or you hadn't had your caffeine fix yet.
"I'm not sure I like the fugnutish tone you used in your post!" -RogL (608926)-
So you are ok with your kids being on AIM all day looking for older guys who make them feel special?
If a teen is looking for older guys to make them feel special, she is already emotionally vulnerable and needs some help. Cutting off the computer/internet without providing some support will just make her look for someone in real life.
Or surfing porn all day?
Pretty much the same deal. Your job as a parent is not to pretend that porn does not exist, but to explain that the behaviors depicted in it are unrealistic and often unhealthy.
Or, even doing what you want and accidentally running across goatse guy?
Look, sooner or later your precious little angel will see that pic. He or she will also see many other disgusting things, both in real life, on television, and on the web. You can't prevent that, but hopefully you can give enough context to allow little Junior or Princess to assimilate it and get on with his or her life.
He's not looking to be the gestapo. He's looking to have some basic protections in place to protect his children from the unsavory parts of the Internet, and to make sure that they don't abuse the priviledge of having a computer in their rooms.
Look at the age ranges again. They're not going to accept those kinds of top-down restrictions blindly. They'll get that you don't trust them, aren't telling them what they can't see, and become naturally curious about it. And since you've given them no background or explanation at all, they'll have no frame of reference for assimilating it in a healthy way.
One word: Padlock.
I had my first lockpick set when I was 14. Padlocks, particularly the kind typical tightwad single parents used, were no barrier to me. For $10 a week I'd pick the lock to a guy's mom's bedroom, then pick the lock to her weed storage box so he and his friends could get high. It was easy money.
If a job's not worth doing, it's not worth doing right.
you got a whole deal of connectivity/administration project there. quit your day job.
At home or in the work place, nothing says "I don't trust you" quite like Nazi parental controls.
These posts express my own personal views, not those of my employer
What they need is a parent and Cisco is a lousy one.
Nice quip, but completely wrong. You just made the argument that you should never put a lock on the cabinet under the sink with all the nasty chemicals because if you use a lock, then you are having that lock be the parent and that lock is a lousy parent. You don't abandon locks on dangerous chemicals because using a lock means you are a bad parent. I've taught my kids to not go under the sink. And they don't. And there's a lock on it anyway. I guess by your reasoning I'm a bad parent using a lock for a parent, but I'd rather have the lock than to find my 3 year old drank drain-o.
It's possible to use technology (like a lock on a cabinet) to assist you in being a parent.
And don't put the PC in their room. Putting the PCs in the family room is not limiting access. Putting down firewalls and time limits is limiting.
Great, so you are telling the person asking the question that they are doing wrong. "How do I fix my Toyota?" and your answer is "Screw Toyota, get a bicycle." It might be the better solution, but isn't an answer to the question asked. They want to get the PC out of the shared space. They want to get it in the rooms. So how do they do that best? Your answer? "Don't do it." I understand your answer, but it isn't an answer to the question asked, and I've been confining my comments to the question asked. If you have fundamental issues with the question itself, then everything you say is off topic.
Learn to love Alaska
and turn the things off when you don't want them to use it.
That project you stated looks fare to complex for a single home user to manage. Yes you could get OS X/Windows 7/Linux to have schedules to shut things down, block sites etc... but really it is easier and cheaper to have a lockable cupboard and lock the computer/s up when you don't want them to be use and just make rules for your kids to follow about usage hours/grounding etc...
Don't rely on technology to parent for you (from a family of 4) you need to do it yourself. If you don't trust your kids with what they look up when you are not there then only bring out the computers when you are there.
One thing to note; children will _ALWAYS_ find a way around any security/punishment you give them (even the physical one I am talking about). The best solution to this is active parenting and trying to be an unobtrusive part of their lives
It said "windows 98 or better" so I installed Linux
This is all awesome stuff, but really when confronted with all of this I would just go next door or go to the library to look up what I wanted on the net and email whoever I pleased (facebook etc..) and so will these kids.
limiting Kids is not going to teach them anything you have to educate to do the right thing.
It said "windows 98 or better" so I installed Linux
everything looks like a nail.
The complexity and ongoing maintenance (nevermind teaching how to actually use these things) of setting up a full group policy domain.... for 3 PCs.... to be administered by a non tech savvy, time-limited single parent...
Seriously you're so much better off teaching them a few PC basics and installing a few filters etc. on their PCs. And meatspace solutions (e.g. physically locking away PCs or kb/mice). I'm not going to get into the censorship/freedom thing, its not my (or your) kids....
Worked fine for me growing up, parents would say 'no more nintendo' and enforce it with a stick lol.
As a parent and as also an admin who has to worry that co-workers will act like kids, I have both some experience and some tips in this area. The most important tip is to know your kids and care about them. Train them to be safe and teach them morals. With my kids, I use the motto: Trust but verify.
All this comes with a cost of your time and effort. The tools built into the typical router can do a lot of the work for you, but you give up some control. Also, consider your target audience, if your kids are bright teenagers, then they will look at ways around the system. They will almost certainly try to browse by IP or through proxies. If this is a potential issue, then you should also look at setting up a transparent squid proxy and blocking 443 and other ports for addresses not explicitly allowed.
VNC: I didn't list VNC because I don't personally use it at the moment, but I have in the past and it can be a very useful tool. If you use it, I recommend you don't set it to run automatically, but rather start the service when you want to use it with remote commands. In a few cases I've done this so that I could monitor activity without any obvious indication.
B) Eliminate all the stupid users. This is frowned upon by society.
Why bother? Get three corded computers, put them in a common area, if it breaks they have to deal with.
If you're awesome, set up a Windows box, Mac, and Linux machine to expose them to all three big worlds with multiuser accounts on each.
Accept the younger generation is smarter than you and will easily circumvent any idle attempts at restriction.
Unless your genuine intent is to spur the next generation of defcon attendees, just let them learn how to compute while they still live in your house.
Similar situation, but younger kids.
Online is a big part of what they do at school these days.
I can trust my kids, however I have no desire for them to wind up on the seamy side of the internet by happenstance, or their system to get malwared to death either.
For the windows (XP) PCs (you'll get lots of Server/Linux advice here...) we are setup as follows (note - these are all free options):
1 - DNS set to OpenDNS, and set to do some basic filtering
2 - loaded K9 (by Bluecoat) on the kids machines for granular filtering
3 - Firefox, NoScript, ABP
4 - Avast, AdAware
5 - logmein for remote access if needed
6 - systems in a public room (not in their bedrooms) so access times, overgaming, and withdrawel from family are less problematic
I find the above pretty hands-off. Once in a while (once a month...) they need to get somewhere that is blocked, but it isn't common and they just come ask one of us to open it up. I tried running them in user, and then power user, mode but that was a constant pain and I gave up on it (meh..)
as always with such advice, ymmv.
--- Mercutio was right.
Instead I would place the computer in one room (not their bedrooms) so you can control it, secondly I would only buy one computer, as it is not cheap these days, and I would buy one of these thin client units...from tigerdirect...
http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=15398&sku=N316-1014
which allows you to set up as many people (up to 4 per unit) per one computer.
Thirdly, I would hire a geek squad dude (or put an add in the paper saying you need an admin to help quickly set up accounts on a machine for 40$) to come to my house and configure the 3 kid accounts and do all the AV install etc...
for usually about 30 or 40$ per hour, as this is child's play for a learned admin, he will set up limited accounts, and tell you how to use your system....also keep his number handy. What he will do in 15 minutes will take you all day to figure out....also
he may even be able to set up the rest of the kids consoles (if you have a wireless router) such as playstation xbox etc...
to allow your kids to access internet from their other consoles....keeping the pc time to a minimum....unless they have no consoles.
Make sure to also ask for a backup of the router configs, in case he has to come in afterwards to reset it, as it is very easy to do from a backup when someone fiddled by accident or on purpose with your router. Also backup of the pc would be nice too, into
a separate drive or partition that way if you ever get a virus and need to reinstall, you dont lose personal files because everyone KNOWS to keep their personal stuff in their personal folders on tat separate driver or partition.
No it's not.
It is more like; take a active interest in your kids lives, talk to them even about the hard subjects. Let them learn from your experiences and mistakes. Don't rely on technology, other people and laws to do your job for you.
Bring up kids _IS_ the hardest/most rewarding thing you (or anyone) will ever do.
It said "windows 98 or better" so I installed Linux
In any area where there is a neighborhood that will not work. We have some very good friends who are not particularly computer literate. I am very close with them and with their kids. They secured their router and put time restrictions and everythign else on them./ About a week later at 11pm I saw their middle daughter online and IM'd her "On the neighbor's router?" "Of course." I had a talk with the parents, took the kids' laptops for an afternoon. Explained to them that I now had logs of everything that was going on, just as I had done for my kids. I showed them quick excerpts from the logs. They have been good every since now that I am packet sniffing everything that goes on from within their own machines. I occasionally take a quick (and I do mean quick) look through all of the logs just to make sure that nothing particularly nasty has been happening. Aside from catching my son on porn sites, nothing really has. Ronald Reagan said it best: "Trust but verify". Kids get that. W
Lay down the rules and trust your kids to do the right thing then spy on them and cut them off for infractions.