S
S
soundie2012-09-17 01:08:53
Antivirus
soundie, 2012-09-17 01:08:53

Blocking access to certain sites on a schedule?

Recently I needed a program for parental control (under windows). The requirements are simple - the ability to block the launch of applications and sites on a schedule. That is, for example, from 9:00 to 14:00, the user cannot run certain applications or visit certain sites. You also need at least minimal protection for this program from being bypassed or closed from the task manager.
Most modern antiviruses have bypass-resistant parental control modules, but in almost all of them, despite the fact that you can limit the time to run certain applications, you still cannot limit the time to visit certain sites. There is only a function of simple blacklisting and that's it.
Of all the software I found, the TrafficWasher program was almost ideal, but it turned out to be quite easy to close it from the dispatcher. The Kerio Winroute program has also proven itself well in temporarily restricting access to sites. However, there is no password protection - the user can restrict himself in access to sites, but at the same time has full access to the settings and it turns out that the meaning of the restrictions disappears - he limited himself and allowed himself.
Maybe there are some other firewalls with the ability to schedule access to sites and protect settings with a password? I am aware of large applications for distinguishing traffic over local networks, but I want something simpler - we are talking about one home computer, and not about a large organization. Browser plugins are also easy to bypass. Are there really no options for such a seemingly simple task?

Answer the question

In order to leave comments, you need to log in

6 answer(s)
S
soundie, 2012-09-18
@soundie

Thanks everyone for the comments! Still, in the end it turned out to do what I wanted. At least in one place. If anyone is interested, I installed kaspersky crystal (it has a parental control module) and kerio winroute (a regular firewall). The first blocks applications on a schedule and completely blocks porn sites, the second blocks the sites I have chosen on a schedule. Both are very resistant to traversal. As soon as I did not try to get around - it did not work. Of course, it will not save you from livecd, but other methods do not work due to the high security of the Kaspersky antivirus and the low-level driver from kerio. The problem with kerio was that it didn't have protection against changing settings. I looked in the task manager - there are two processes from kerio, the first is directly engaged in blocking, the second is for the tray icon, where these settings actually change (disable / enable, launch the admin panel). If this second process is closed, the firewall still works and sites are blocked. Therefore, I took it and banned the launch of this second process from kerio in the same Kaspersky. Well, of course, I put a password in Kaspersky to change the settings. Even if I had to dance with a tambourine, but in general it works as it should. It is also necessary to add the kerio process to the list of trusted applications of Kaspersky. Well, when installing Kaspersky, he will swear at incompatibility with kerio, but you can forget about this and click "Skip" in the corresponding installation window. Well, of course, I put a password in Kaspersky to change the settings. Even if I had to dance with a tambourine, but in general it works as it should. It is also necessary to add the kerio process to the list of trusted applications of Kaspersky. Well, when installing Kaspersky, he will swear at incompatibility with kerio, but you can forget about this and click "Skip" in the corresponding installation window. Well, of course, I put a password in Kaspersky to change the settings. Even if I had to dance with a tambourine, but in general it works as it should. It is also necessary to add the kerio process to the list of trusted applications of Kaspersky. Well, when installing Kaspersky, he will swear at incompatibility with kerio, but you can forget about this and click "Skip" in the corresponding installation window.

M
mrBuG, 2012-09-17
@mrBuG

I would take a router and install a modified (custom) firmware on it with the ability to install software. This will allow you to install Squid or 3proxy, which allow you to restrict L7 access according to any rules. How to wrap traffic on a proxy is another matter. Either transparently (if the computer user has administrator rights), or register a proxy in the browser (if the account has limited access rights, do not install other browsers and do not change proxy settings). Transparent proxying is still preferable.
It is worth remembering that this configuration is easily bypassed by using a VPN or other proxy server.

I
interrupt_controller, 2012-09-17
@interrupt_controller

Buy a router, stock firmware often has such functionality, if not, dd-wrt will save.

J
Jammarra, 2012-09-17
@Jammarra

TrafficWasher and prevent the task manager from running for the user, the simplest.

O
orangeflute, 2012-09-17
@orangeflute

I recently asked myself the same question. The firewall in the router turned out to be too primitive and could not provide the necessary functionality. As a result, after trying a bunch of options, I came across a free service Rejector . The service works as a DNS server. Allows you to configure filters on a schedule, everything is done quite conveniently.

V
Vampiro, 2012-09-17
@Vampiro

Here I was “inserted from Ispumizan” (c) for the last time on this topic :)

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question