Kark, Thanks. I have some studying to do. I will have a Unifi Security Gateway there eventually, probably after when the weather cools and the attic is more bearable (need to run cables). I was hoping thr USGhelp (I mean it is a security gateway). Pi-Hole sounds very promising. The USG looked simple until I got into it.
> -----Original Message----- > From: Mercedes [mailto:mercedes-boun...@okiebenz.com] On Behalf Of Karl > Wittnebel via Mercedes > Sent: Tuesday, August 25, 2020 1:14 PM > To: Mercedes Discussion List <mercedes@okiebenz.com> > Cc: Karl Wittnebel <atypical...@gmail.com> > Subject: Re: [MBZ] OT: Internet filtering > > Here is a helpful link: > > https://community.ui.com/questions/HowTo-Ad-blocking-using-dnsmasq-d- > instead-of-etc-hosts/1598a96d-28af-4f3f-ab96-97bccdb897b3#M66463 > > On Tue, Aug 25, 2020, 9:39 AM Karl Wittnebel <atypical...@gmail.com> > wrote: > > > Get a pi hole. I run something similar at home on a unifi security > > gateway: > > > > > > https://community.ui.com/questions/HowTo-Ad-blocking-using-dnsmasq-d- > i > > nstead-of-etc-hosts/1598a96d-28af-4f3f-ab96-97bccdb897b3#M66463 > > > > https://en.m.wikipedia.org/wiki/Pi-hole > > > > Anyway you can block whatever you want. E.g. facebook, youtube. It is > > a scorched earth approach but it works well. You can configure it to > > auto update using various lists of ad servers and then customize website > > lists. > > > > If in a church, you should post a sign that internet access is > > restricted in case any docs are communicating with patients etc by > > internet so they can plan to be out of reach. Not such a bad thing, > > really. Just need to notify. Something like "restricted internet access > > only". > > > > > > > > On Sun, Aug 23, 2020, 4:59 AM Dan Penoff via Mercedes < > > mercedes@okiebenz.com> wrote: > > > >> Only thing I can suggest is: > >> > >> 1.) Set up a password that’s simple and tell the congregation what it > >> is; or, > >> > >> 2.) Get a consumer grade router in line with the existing access > >> point and use it’s parental controls feature to filter. > >> > >> I’ve got an Asus router I use for my internal network and it’s got > >> parental controls and filtering available as an option. > >> > >> -D > >> > >> > On Aug 23, 2020, at 2:38 AM, Scott Ritchey via Mercedes < > >> mercedes@okiebenz.com> wrote: > >> > > >> > The school's hot spot is on their own LAN, not my problem. > >> > > >> > There are many functions other than church services, typically in > >> > the > >> fellowship hall (church meetings, parties, weddings/funerals, > >> men/women/senior groups, etc.) where folks want their cell phones to > work. > >> If they don't connect to the Wi-Fi those cell phone batteries go down > >> fast as the phones try to ping a tower transmitting at max power. > >> > > >> > I could add a password but then would need tell everyone. > >> > > >> > I already configured OpenDNS but still looking for something > >> > better. I > >> plan to install a Unifi Security Gateway so I'm looking for a way to > >> use that. There are many consumer routers that could be adapted and > >> security appliances (without routing), like Circle. Still looking. > >> > > >> >> -----Original Message----- > >> >> From: Allan Streib via Mercedes > >> >> Subject: Re: [MBZ] OT: Internet filtering > >> >> > >> >> Ask the school what they do. > >> >> > >> >> Ideally the school hot spot will be on the school network via a VPN. > >> >> > >> >> As far as accessing the passwordless guest network, you have that > >> problem > >> >> regardless. I'd suggest putting a password on it, or maybe setting > >> >> up > >> a captive > >> >> portal like at a hotel. Depends how much you really want to manage it. > >> >> > >> >> Anyway, who is using their cell phone during church? > >> >> > >> >> > >> >> Scott Ritchey via Mercedes <mercedes@okiebenz.com> writes: > >> >> > >> >>> Our church LAN has a “guest” SSID that does not require a password. > >> This > >> >> guest SSID is very helpful for cell phones because the aluminum > >> >> siding > >> blocks > >> >> regular cell signals. So far, this was not a problem because we > >> >> had > >> few > >> >> “outsiders.” Our ISP provider (Time-Warner/Spectrum) provides an > >> >> ARRIS DG1670a modem/router, which does not appear to have any > >> >> useful > >> “parental > >> >> controls.” > >> >>> > >> >>> Soon we will be a “hot spot” where school children can come to > >> >>> our > >> parking > >> >> lot to download school materials (if they don’t have high-speed > >> internet at > >> >> home). The school system provides the hot spot equipment but > >> >> visitors > >> will > >> >> also see our church Wi-Fi on their devices. > >> >>> > >> >>> I want to avoid the situation where school kids (or others) > >> >>> access > >> >> inappropriate sites, particularly on the church LAN. OpenDNS > >> >> offers > >> some > >> >> filtering but only for “new” DNS requests and it doesn’t block > >> anonymizers > >> >> (like Tor). > >> >>> > >> >>> I know there is much computer expertise on this site so I thought > >> >>> I’d > >> ask for > >> >> recommendations. > >> >>> > >> >>> Cheers, Scott > >> >>> > >> >> > >> >> _______________________________________ > >> >> http://www.okiebenz.com > >> >> > >> >> To search list archives http://www.okiebenz.com/archive/ > >> >> > >> >> To Unsubscribe or change delivery options go to: > >> >> http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > >> > > >> > > >> > > >> > _______________________________________ > >> > http://www.okiebenz.com > >> > > >> > To search list archives http://www.okiebenz.com/archive/ > >> > > >> > To Unsubscribe or change delivery options go to: > >> > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > >> > > >> > >> > >> _______________________________________ > >> http://www.okiebenz.com > >> > >> To search list archives http://www.okiebenz.com/archive/ > >> > >> To Unsubscribe or change delivery options go to: > >> http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > >> > >> > _______________________________________ > http://www.okiebenz.com > > To search list archives http://www.okiebenz.com/archive/ > > To Unsubscribe or change delivery options go to: > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com _______________________________________ http://www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
