cutting off all sorts of "p o r n" on 877 router

Unanswered Question
Jul 17th, 2010

Hi,

Can anyone give me a tip on creating firewall rules to ideally cut off any kind of porn access or at least significantly limiting and making it difficult?

Thank you!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Zenith888 Sat, 07/17/2010 - 07:13

Oh, this is ridiculous! We are in a router support forum and they are censoring the word which is the reason most firewalls exist.

My post is about P O R N and getting rid of it, how on Earth can I ask question if the word is censored?

Mohamed Sobair Sun, 07/18/2010 - 01:18

Hi,

here are some options:

1- using AAA or Tacacas authentication servers for access.

2- limiting the Access to specific source IPs.

3- create different user privileges.

HTH

Mohamed

Paolo Bevilacqua Sun, 07/18/2010 - 01:41

1- using AAA or Tacacas authentication servers for access.

And how exactly ???

2-  limiting the Access to specific source IPs.

So people will start changing their IP addresses

3- create different  user privileges.

Like how exactly ?

Paolo Bevilacqua Sun, 07/18/2010 - 04:32

What I misunderstood here?

That all the OP wants, is to cut off user'.s access to "questionable content".

Paolo Bevilacqua Sun, 07/18/2010 - 14:23

Open DNS works great for us at our  small school.

Check for kids using IP addresses instead

Zenith888 Sun, 07/18/2010 - 09:26

But go on! What commands should I issue to the router to disallow access to pornographic web sites and d/ling porn via p2p and bittorents?

Nagaraja Thanthry Mon, 07/19/2010 - 08:02

Hello Zen,

You have few different ways of doing it.


1. Use a URL filter like WebSense on N2H2.The router will redirect URL request to the URL Filter server and server will approve/reject the request. Based on that the router will either forward the request to the internet or send a deny page.

http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_fwall_websense.html

2. Use a content filtering solution which is more granular and will look for any offensive content and block it. You need a content filter module either installed on the router or you need to have a third-party solution

https://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6643/prod_qas0900aecd804abb06.html

3. Use a proxy to access internet. Configure proxy with parental controls. This could be somewhat economical given that there are some implementations that could be run on a linux box. But the only problem with this solution will be scalability and reliability.

Hope this helps.

Regards,

NT

Mohamed Sobair Mon, 07/19/2010 - 12:06

Paolo,

I know its a problem being sensitive to each word, I shouldnt be .. and I have also been over stressed a bit.

So I apologize, I do much respect you!!

Thanks,

Mohamed

Paolo Bevilacqua Sun, 07/18/2010 - 14:20

Mohamad, you are wrong. The OP was perfectly clear in his post, but your answer was not addressing the problem, and I simply remarked that.

All the rest is unnecessary rambling by your side, that you could have spared. Thank you however for providing the link to content URL filtering.

I personally have no bad feelings, so take care.

Mohamed Sobair Sun, 07/18/2010 - 01:50

Hi Paolo,

what I understood the poster needs to limit access credential to the router being accessed by everyone, the word (P O R N) access what made me assumes this.

What I misunderstood here?

Mohamed

Mohamed Sobair Sun, 07/18/2010 - 11:36

Paolo,

I was waiting for your answer, and you didnt mention any thing in detailed explanation, However, I was also waiting for the Original poster to understand his delima as HIS QUESTION WASNT CLEAR.

I was actually very surprised about your offensive reply and abusement, but I have decided to better send you this message rahter than any thing else. Kindly read the following points carefully:-

1- Its me who will decide to refrain from posting not any body else.

2- I beleive it would be more elegant and polite to describe the Original poster question and solution to all of us including me since you know it rather than being offensive.

3- I will not report your previous post as abusing cause I found it sufficient writing those points for you so you would learn from your mistake.

To the Original Poster and ALL :

Please refer to (Cisco IOS Content filtering) in this URL which  should solve your problem, However, be informed that it requires licensing and additional payment. here is the url:

http://cisco.biz/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6643/prod_qas0900aecd804abb06.html

Thanks for reading,

Mohamed

Actions

This Discussion