What I want is a product which sits on the network in promiscuous mode, sniffs out HTTP requests, and then kills the connection based on rules which include content type, time, username etc etc.
Anyone know of a product for Linux which will do this? It needs an active database {Surf Control's one redeeming feature is that they maintain a large database of websites, and continually update it} and catagorise them into stuff like "adult/sexually related", "computing and the internet" and other classes.
transparent proxy with squid, squidguard with updating blacklists.
I just did this yesterday for someone actually and am happy to provide a debian woody example config file etc.
cron job to get new blacklists from the lists on the squidguard site etc.
they come with categories.
that aside, I don't think blacklists are particularly effective for even a casual pornhound... a whitelist that is easy to update is a much more effective control and something I have had deployed for years at a few sites with excellent success. Even getting local IT contact to update the list. Also setting up one of the example CGIs that makes sure the IT contact gets the right info about which page was blocked etc....
squidguard is good....
dave -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
