Napster and other 'ster' filtering thru ipchains

[sinck@ugive.com]

\_ I am faced with the need to filter Napster and for now a program
\_ called 'Scour' from my son's internet access. Can anyone tell me
\_ where to locate a list of ports that these programs use? I also
\_ need to start logging my son's internet use. Can you give me some
\_ pointers in enableing logging and what to expect in log output?
\_ Your help is greatly appreciated.

Try dropping all connections from said box that are *not* to port 80,
port 443 (https), or your provider's pop account [depending].  Turn on
logging for all web syn packets.  You'll have to decode ip->name, but
that's easy enough.

You won't prevent his to www.evilempire.com initially, but you'll have
a log that says he went there.  

The biggest problem is that if he's at all web savvy, you'll have this
breached immediately through a simple redirection through
akamai...unless you ban them entirely, which will probably cripple
other important stuff.

You could slap a web proxy up...that'd probably give you more control
over content (ad banners, text from picture sites, etc).

Try wiring up a set of household speakers to the computer and whenever
you get a banned IP or an akamai hit (never can be too sure), play a
big siren sound on the speakers.

Although, if I were a kid with that, I'd test it just to cry wolf
until it was turned off.  Although the look on the face should be
classic the first time.

Try ipchains-howto; it's helpful.

David