Yes, I'm talking about clearfoundation. I've never used it in an exam situation. But my experience is that is better(read easyer) to block everything and open up for the needed things, than to think of every posibility on what to block. One nice feature is that you can afterwards see what local ip used what external ip. That way, it's at least controllable on who(machine) used what.
You can also make users(openldap-based) on the proxy and make em use username and password to log on to the proxy to get access out. That way you can log what user did what too. A reminder is that there need to be an agreement for this to be legal(at least in Norway) between goverment, system and user in advance. My experience from Steinkjer vgs(1200 students) is that it's best to block all, if only the machine and the programs on the machine is needed. This can be done based on IP( make a custom net(vlan) for this, place only the machines that is in use in the exam, behind this solution). If Internet is allowed, its far easyer to use a logging program that log every movement and picture on what u do on ur machine during the exam(this is what Steinkjer vgs did/does, Windows based). This is very expencive though. One thought, is to make a live-system/pxe-bootable system(ltsp) that contains all needed material for the exam and use that. Hope this gives some thoughts to go further with. Helge Tore Høyland 2012/1/30 Petter Reinholdtsen <[email protected]> > [Helge Tore Høyland] > > Hi. > > Not sure i have very mutch to contribute with, but I've used ClearOS for > > quite som time as proxy/firewall for a school. This out-of-box setup has > a > > nice proxy/contentfilter and whitelist/blacklist function. Easy to use > and > > easy to deploy. It's based on iptables with a nice web-config tool. > > Absolutely interesting to me. How do you set it up in an exam > situation? What do you block and what do you allow? > > I assume you are talking about <URL: http://www.clearfoundation.com/ >? > -- > Happy hacking > Petter Reinholdtsen >
