Ubuntu Security :: Restrict Internet Access For Kids?

Jul 28, 2011

I'm running Natty and have made two logins on the system. One for myself and family and one for the kids (teens 14-15yr) to play in without Internet access via Admin "Users and Groups". I have hidden the Internet software icons on their screen amongst others i don't want them to see on the menus. On our screen I use a Firefox addon called "Web Of Trust" that can be configured easily for the kids and another addon called 'Blocksite' that I can selectively use for them and myself etc.

I have found out that they have still been able to get on to the net somehow under their login. Will have to observe again!! In the users settings for the kids the tick box for 'Internet'and 'use modem' access is un-ticked so I presumed that would be enough! Not so!!

View 8 Replies


Security :: IPTABLES - Restrict Internet Access Based On Time Of Day And MAC Address

Feb 6, 2010

I am trying to configure my Linux router to restrict Internet access for one computer on my LAN. It needs to be restrictive based on the time of day and the days of the week. I am using the MAC address of the computer to single out the one computer that needs to be blocked. However, this is my first attempt at making any rules with iptables, and I am not sure if I am doing this right. If some one can take a look at this I would greatly appreciate it. This is what I have done so far.

Here is my thinking. Create a new target. Check the MAC address, if it is NOT the offending computer return to the default chain. If it is the offending computer check that we are between the allowed hours and dates and ACCEPT. If we are not within the time/date range then drop the packet.


Here I am trying to route all packets regardless of the computer on the LAN into the blocked_access chain for checking.


Is it a good idea to route all traffic through the blocked_access chain? I do run other servers that are accessible from the Internet, so I am not sure how this setup will affect that. I also use shorewall on the router to setup iptables for me. How would I integrate this with shorewall?

I am using squid to block access when he is using the web browser. However, he is still able to play games(World of Warcraft) and the like.

I am using Debian sid, iptable(1.4.6), shorewall(4.4.6), kernel 2.6.32-trunk-686.

View 7 Replies View Related

Ubuntu Servers :: Configure To Restrict Internet Access?

Jan 2, 2010

I've been searched for the related topic, but i couldn't found any of them. Basically, i want to set up a server to restrict internet access for other computer (windows box), but allow internet connection for kaspersky to download its database. Here are some questions:

1. Do i need two network card at the server box?
2. There are 8 computers but only 2 are allowed all internet connection, 6 of the rest are not allowed, all windows box can accept connection to download database from kaspersky.
3. Is it Iptables the best, easiest way to configure?

View 4 Replies View Related

Security :: Restrict Access On Windows Network?

Feb 18, 2011

my team is working on network thier termial is windows and my server is linux centos we work on simple network with out domainmy user works on files on the server, can I deman ser name and passwork when they try to change to the shared files on the servernd can i monitor which user chaned a fileI have css developer and he is only allowed to create and modify css files can i do this ?

View 3 Replies View Related

Security :: Restrict A User To Access Particular Service?

Sep 24, 2010

I heard we can set security in /etc/hosts.allow and /etc/hosts.deny on user base also like something user@domain or something if so how can I restrict a user to access particular service by his/her user name in a particular host via /etc/hosts.allow or /etc/hosts.deny

View 3 Replies View Related

Security :: Restrict Access To Network To Only Dhcp Assigned Ip's?

Feb 28, 2011

I'm trying to tighten up my network a bit. I've given my dhcp server a list of static mac addresses and ip's for computers i know, and a very short range of dhcp addresses that are redirected to kittenwar.My dilemma is that if someone has my wireless network password, or an ethernet cable, they could set the ip address manually and gain access.how can i deny them this pleasure?im running dhcpd3, and iptables on a debian/lenny intel 2.4 box. dd-wrt is running in a linksys wrt54g and is handling the wireless security

View 7 Replies View Related

Security :: Restrict Sftp Access And Changing Its Port?

Mar 17, 2010

I tried changing the sftpserver port but its not working, besides how can i restrict users from particular ips.Eg: users a can ssh from 192.168.*.*user b can sftp from 200.*.*

View 2 Replies View Related

Security :: Using Squid To Restrict Access During Certain Hours But Only To Certain Websites?

Jan 21, 2011

I have been trying to get Squid to work so that I can restrict access to a particular web site during certain hours every night. I can't seem to get it working, however. I am still able to access the site. The following are the relevant lines from my squid.conf file:

acl restricted-domain dstdomain "/etc/squid/denied_domains.acl"
acl test time 19:00-20:00
acl bedtime time 22:00-23:59


View 2 Replies View Related

Ubuntu Networking :: No Internet Access After Security Cleanup?

May 17, 2011

i installed many security programs as a switching from windows guy and decided to get rid of them last night. I uninstalledgufw, clamav(and all based packages), firestarterusing synapticbefore i rebooted the system the internet was well and working. but after i rebooted i had no internet access;firefox couldn't retrieve, update manager and apt-get couldn't connect.the computer knows it's connected to the router i see the connection established sign but I can't even connect to the router by typing "".the computer can ping itself( but can't ping itself in the network (the dhcp address is and replies "operation denied" or something like that.I rebooted using live-cd and connected with no problems; the my internet connection is fineany thoughts will be appreciated P.S.: I did a fast check on the forums and couldn't find anything related; i didn't check thoroughly though.

View 4 Replies View Related

Security :: Password For Services To Access Internet?

Nov 6, 2010

I was wondering if there is any way in Linux in general and Fedora 13 in particular to configure system so that any service that needs access to internet will have to ask for password/permission to do so. So that I can

View 3 Replies View Related

Ubuntu Security :: Unable To Access Internet Utilizing Laptop

Mar 12, 2010

To start off I do not have the ability to post in the Networking/Wireless thread. I attend DeVry university and in my school they recently rolled out "Bluesocket." Now that they have done this I am not able to access the internet utilizing my ubuntu laptop.I am able to connect to the network. When I open my web browser I am redirected to the "bluesocket" login page where I am able to successfully log in. The next step to accessing DeVry's internet service is to allow Bluesocket to do a scan using a Java applet. That scan is successful.

The results of the scan inform me that I am not being allowed to access the network resources because I don't have an antivirus or firewall program installed on my computer. I do not wish to have an antivirus or firewall program installed on my laptop to utilize DeVry's network resources. My question is what steps do I need to take to bypass/trick bluesocket?

View 7 Replies View Related

Ubuntu Security :: A Firewall That Enables Internet Access Only When A Program Is Run?

Jul 25, 2010

I wanted to know if there was a firewall program out there that can open specific ports when a program/process is run and disable the ports again when the program is closed.

View 2 Replies View Related

Ubuntu Security :: Active Connection / Program Access To Internet

Jan 18, 2011

There is this active connection in firestarter: ec2-174-129-193-12.compute-1.amazonaws.com (Port 443 - Service HTTPS - program python)After doing ps aux | grep PID it shows: /usr/bin/python /usr/lib/ubuntuone-client/ubuntuone-syncdaemon...This comes up in the firewall in each login, how do I get rid of it and how did it get there in the first place? Another question is if there is a way to limit a program's access to the internet. For example KCalender.. The things I type up in there may be stored somewhere. How can I disable complete access to the internet for that program and any other program so they can't backup, share, check etc. ?

View 3 Replies View Related

General :: Restrict Web Access So *only* Firefox Can Access The Web

Nov 15, 2010

I'm a terrible procrastinator, it's awe-inspiring annoying and stressful. This in combination with being a information-holic makes the Internet fairly lethal to me; I risk failing my college course because of it, so trust me when I say I'm deadly serious about this.

However, I think you guys may be able to help out, and maybe this will also help some people here with similar problems:

Because so much of my time is taken up with Interwebz, I thought to carefully restrict my internet use. It's not prefect, but it's part of a solution.

To date: I have Firefox and the ProCon extension which uses a whitelist of websites I can access. The extension cannot be uninstalled/disabled and I use a long hex password split into 3 parts, two of which my friends have (so I have to ask my friends for the password parts in order to update the whitelist, hence making it socially awkward to fritter away time online).

So far, it has worked a treat and I'm really pleased with it.

However, this is the problem:

I need to restrict web access so *only* Firefox can access the web. That way I cannot use Chrome/Opera, or even (shudder) use wine to run Internet Exploder.

View 6 Replies View Related

Ubuntu Security :: Restrict Users In 9 ?

Apr 14, 2010

I've installed Ubuntu Desktop Ed 9 and I want to add a user account that would be very restricted. I would only want them to access the internet and run several programs. I do not want them to have access to the destkop, anything under preferences, administration etc... Is this possible?

View 1 Replies View Related

Ubuntu Servers :: Restrict Access To Particular IP?

Oct 7, 2010

I'm running Ubuntu Server 10.04 32-bit.I'm looking to find if there is anyway I can lock down ubuntu so that remote access, whether it be SSH, ftp, apache.etc can be only accessed from a certain IP range, or a certain set of IPs?Essentially, we'll say the Server IP is, and I want the IP addresses to be able to access the server, but no other IPs.I am in a switched environment, router's are not allowed to be placed on the network, and I do not have access to a DNS or DHCP server.Is there a way to do this in on the server via a configuration of some sort?

View 3 Replies View Related

Ubuntu Security :: Restrict SSH To Specific Source Ips?

Apr 7, 2010

I want to restrict SSH so that its only accessible via the machines I own on this network. Obviously need to secure user authentication/host authentication, that aside though is the following sufficient at a network level given technical users also use this network? IP addresses are static, though I know they could be spoofed.

Chain INPUT (policy DROP)
target prot opt source destination
existing-connections all -- anywhere anywhere
allowed all -- anywhere anywhere


View 4 Replies View Related

Ubuntu Security :: Restrict Thunder To A Certain Directory?

Aug 28, 2010

I have created my own custom ubuntu distro using the alternate installation cd and doing a command line install. I'm using ubuntu 10.04 as my base and am also using thunar as my file browser and am trying to create a secure desktop environment and to do that I'd like to restrict thunar to a certain partition. Is it possible to do that?

View 9 Replies View Related

Ubuntu Security :: How To Restrict Permission To Ssh User

Feb 26, 2011

I would like to allow a user to login through SSH but with differentpermission coming from different ipaddress.For example, a user "tester" login to SSH through andanother user login with the same login id "tester" but from differentip do I restrict to only allow for viewing the content inthe home directory while giving full access?I got a suggestion from some oneApproach 1) Based on the ip you change the shell. If it's just for read only ajail would be fine.but how do I change shell based on IP?Approach 2) to have two ssh instances. Let's say port 22 and port 24. Port 22 isfor read only, while port 24 is for full accessso how can it be possible to give port 22 only read only access to SSH

View 1 Replies View Related

Ubuntu Servers :: Restrict Access To Nfs Mount?

Apr 12, 2010

I will mount a nfs share on a client with fstab. Is there a way to don't allow some users accessto that folder ?

View 4 Replies View Related

Ubuntu :: Restrict File Access With Authz_owner?

Jun 9, 2010

I'm running a Virtual Box with Ubuntu 9.10 and I'm experimenting with Apache 2.2.12I would like to use the authz_owner module but it is not possible for me to access http://localhost/~b/private/"b" is my username and "private" is the directory definded in the httpd.conf file.My httpd.conf file:

<Directory /home/*/public_html/private>
AuthType Basic


View 2 Replies View Related

Ubuntu Security :: Using Apparmor To Restrict File Browser?

Sep 21, 2010

I am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.

View 2 Replies View Related

Fedora Security :: Restrict User To Ssh?

Apr 7, 2011

I m new with Fedora 14, and i have a basic business case :

I want to setup a user which should

- only connect to the server with SSH (ex.: no X11 connection).
- cannot change its shell
- cannot do any SU / SUDO command

This user is very similar to a SERVICE user, as I expect him only to run a single program (its shell).

View 7 Replies View Related

Security :: Restrict Cvs Login From Specific IPs

Sep 24, 2009

Need to restrict cvs login from specific IPs

in file /etc/security/access.conf
+ : builduser :

Do not work

when changed to ALL as below it works
+ : builduser : ALL

View 2 Replies View Related

Security :: How To Restrict Permission To Ssh User

Jan 26, 2011

I would like to allow a user to login through SSH but with different permission coming from different ipaddress.

For example, a user "tester" login to SSH through and another user login with the same login id "tester" but from different ip

How do I restrict to only allow for viewing the content in the home directory while giving full access?

View 7 Replies View Related

Security :: Restrict User To One Directory Only?

Jan 6, 2010

Here's the beginning of the issue: I'm running Fedora 12 with httpd and sshd. I want to create a user with a scponly shell for sftp access, but this user should ONLY be able to view /the/http/base/dir and its subdirectories. The user should not be able to see or get into directories above the httpd base. Someone mentioned creating a chroot jail for sshd and binding the httpd base to that dir, but this seems like more work than is necessary for the application I wish. Also mentioned was creating a user, say user1 with a selinux user setting of staff_r. I have read the articles and creating a user of staff_r isn't overly difficult, but how would I make it where staff_r would be restricted to where I want them to be? If I'm not mistaken, that would require changing the context of /the/httpd/base/dir?

View 4 Replies View Related

Security :: Restrict A User On SSH From Everywhere Except One Host?

May 3, 2011

I want to restrict user for SSH Logon, but able to use SFTP.

Also, i like to know how to restrict a user on SSH from everywhere except one host.

View 5 Replies View Related

Ubuntu :: Restrict Access To A Single Folder In Documents?

Nov 9, 2010

What is the simplest way to restrict access to a single folder in Documents?

View 3 Replies View Related

Red Hat / Fedora :: Restrict NFS Access To Root?

Aug 12, 2010

If there is a general NFS share in the LAN and for example this share has three files - a, b, c is there any way to restrict file access to the root user of e particular host(falcon) in the same LAN environment while the normal users from the same host(falcon) should be able to access the NFS share & files a, b,

View 3 Replies View Related

Server :: Restrict SMB Access For A Particular Domain?

Sep 14, 2010

I have a question in Samba and would like to ask you for the solution. Is there anyway we can restrict the SMB share access to particular domain name? say allowing access for "example.com" domain users only.

View 2 Replies View Related

Copyrights 2005-15 www.BigResource.com, All rights reserved