One project I completed recently was to make a locked-down Windows XP desktop eXPerience for my kids at home. My twofold goal was to specify which programs (for their various CD-ROM games) they could run, and to compile a whitelist of websites they are permitted to visit.
After I made a new user (not part of the Administrator group) named "Kids", I logged in as Kids and put shortcuts to the games on their desktop. I knew XP had some built-in ways to tell it which programs you want to be allowed to run using the "Software Restriction Policy" section of the Policy Editor. So, take a look at the Software Restriction Policy and read about how to specify which programs are allowed to run. Don't forget to remove the .LNK file file format, like the article says, or your desktop shortcuts won't fire.
The second part of this puzzle is to lock down the kid's Internet browsing eXPerience so they don't stray into dangerous territory and either see things they aren't supposed to or to accidentially download spyware or other things. You can use Internet Explorer to do this with Internet and Trusted zone settings kind of like the Software Restriction Policy above. I initially tried this method, but I didn't get it working quite right. So, I went back to what I wanted to use in the first place - Firefox... The trick in Firefox is to go into Tools > Options > Advanced > Network > Settings... and click the "Manual Proxy configuration" radio button. Leave the HTTP proxy set to either 127.0.0.1 or set it to 0.0.0.0. Now, in the "No Proxy for:" field you put all the sites you WANT the kids to be able to visit with commas separating the sites like "noggin.com,nickjr.com,*akamai.net". What this trick does is try and proxy all websites to your computer which won't work since you're not running a proxy on the desktop. The sites with no proxy will go right to the website on the Internet. This also means banner ads won't work a lot of the time! Sometimes it'll be hard to find out what servers the site accesses because some content providers like akamai.net may be hosting flash content, but take a look at the source code of the pages in question and you should be able to see it. Also, dont forget that you'll probably need flash, java, shockwave, etc. installed for Firefox for lots of these kids sites to work right.
UPDATE:
I am now using Blocksite to whitelist the kids websites instead of the fake proxy method. After you install the add-on in Firefox go to the options and uncheck "enable warnings" and uncheck "enable link removal", then click the whitelist radio button and you can add a password if you want. Now, click add to list the websites you want allowed, then all others will be blocked.
I also installed AdBlock Plus so I could press Ctrl-Shift-B and see what connections were being made so I would know what to whitelist. Adblock Plus removed the ability to block a whole site. Maybe I could try Adblock and use * wildcard to block everything and make a whitelist for the sites I want allowed. Another day...
UPDATE:
I read about this new Firefox plugin named "Glubble" and I think this'll be the way I go when it comes out of beta. Basically, Glubble customizes the entire Firefox interface and only lets kid-friendly access for your kids accounts.
No comments:
Post a Comment