Print

Print


Override is only on the paid version.

Bjorn Behrendt (from Android)
On Aug 4, 2011 5:37 PM, "Paul Wood" <[log in to unmask]> wrote:
> Criag,
>
> I would agree, I prefer to filter both students and staff. There shouldn't
> be any difference. However there should be an easy way to override a
> filter. Does OpenDNS have that ability, short of changing your DNS?
>
>
>
> Paul Wood
> P. 802-382-1720
> [log in to unmask]
> Systems Administrator, ACSU
>
> ♻ Please consider the environment before printing this email. ♻
> WARNING: This message may contain information that is confidential and/or
> protected under the Family Education Rights and Privacy Act or other
> lawfully recognized privilege. If you receive this message in error or
> through inappropriate means, please reply to this message to notify the
> Sender that the message was received by you in error, and then permanently
> delete this message from all storage media, without forwarding or
retaining
> a copy.
>
>
>
> On Thu, Aug 4, 2011 at 4:03 PM, Craig Lyndes @ wcvt.com <[log in to unmask]
>wrote:
>
>> Paul,
>>
>> I'm puzzled. I've been using the free version at 2 schools for a while
>> now. Other than having more than 50 white/black list URLs and keeping the
>> statistics for more than 2 weeks, I didn't know there was any difference
>> between the enterprise and the free.
>>
>> I find that having the adults and students have to use the same filters
>> makes everyone more aware of the decisions to block and what people are
>> being kept away from. Eat your own dog food.
>>
>> OpenDNS is effective as a safety net to keep kids from accidentally
>> stumbling on inappropriate web sites.
>>
>> Craig Lyndes
>>
>> > I talked with OpenDNS today and got a guestimate of what it would cost
>> to implement it in our district.
>> >
>> > "Thanks for the time just now. Below is our cost for 1 school and for
7.
>> > In addition to the annual prices below – we do offer 10% off on 2 year
>> > term
>> > and 20% off on a 3 year. Also a demo link for you to watch:
>> > http://www.opendns.com/support/videos/enterprise
>> >
>> > *1 School: $2500/year*
>> > *7 Schools: $4300/year*"
>> >
>> > Bjorn is right, one of the key problems (for me) would be reporting. I
>> need
>> > the ability to follow a trail of destruction.
>> >
>> > Sounds like they offer it free for home users, but it had a limitation
>> on the number daily dns queriers that could take place.
>> >
>> > Paul Wood
>> > P. 802-382-1720
>> > [log in to unmask]
>> > Systems Administrator, ACSU
>> >
>> > ♻ Please consider the environment before printing this email. ♻
>> WARNING: This message may contain information that is confidential
>> and/or protected under the Family Education Rights and Privacy Act or
>> other lawfully recognized privilege. If you receive this message in
>> error or through inappropriate means, please reply to this message to
>> notify the Sender that the message was received by you in error, and
>> then permanently delete this message from all storage media, without
>> forwarding or retaining
>> > a copy.
>> >
>> >
>> >
>> > On Thu, Aug 4, 2011 at 9:05 AM, Bjorn Behrendt
>> > <[log in to unmask]>wrote:
>> >
>> >> Opendns is free and exreamly easy to set up because it is a cloud
based
>> solution. Basically you point your external DNS forwarders to opendns
>> instead of comcast (no servers needed). Every device then gets
>> filtered.
>> >> The downfall is that being an external it has no way to provide
>> reporting at
>> >> the computer level or set up different policies for teachers and
>> students.
>> >> They have a paid version that might do this but I never looked into
it.
>> >>
>> >> At MSJ we have lightspeedsystems because it does both antivirus and
>> contentfiltering and soon it will be my firwall/router.
>> >>
>> >> Even with lightspeedsystems I do have open DNS also running but it is
>> only
>> >> set up to block the really bad stuff.
>> >>
>> >> Sue if you need help let me know. (802) 770-0003
>> >>
>> >> Bjorn Behrendt (from Android)
>> >> On Aug 4, 2011 8:54 AM, "Paul Wood" <[log in to unmask]>
wrote:
>> >> > Are you using it as a filter? I don't know, I haven't used this
>> method before.
>> >> >
>> >> > I assume you're talking about (http://www.opendns.com/school).
>> Ideally
>> >> this
>> >> > would provide the best method, because you wouldn't then need to
proxy
>> >> SSL.
>> >> >
>> >> > If you do travel down this road, I'd like to know if it worked well.
>> >> >
>> >> > I don't remember if it was this listserv, but I recall seeing a
>> recent discussion on OpenDNS being used as a filter.
>> >> >
>> >> > “He who breaks a thing to find out what it is, has left the path of
>> >> wisdom.”
>> >> >
>> >> >
>> >> > Paul Wood
>> >> > P. 802-382-1720
>> >> > [log in to unmask]
>> >> > Systems Administrator, ACSU
>> >> >
>> >> > ♻ Please consider the environment before printing this email. ♻
>> WARNING: This message may contain information that is confidential
>> >> and/or
>> >> > protected under the Family Education Rights and Privacy Act or other
>> lawfully recognized privilege. If you receive this message in error
>> or through inappropriate means, please reply to this message to
>> notify
>> >> the
>> >> > Sender that the message was received by you in error, and then
>> >> permanently
>> >> > delete this message from all storage media, without forwarding or
>> >> retaining
>> >> > a copy.
>> >> >
>> >> >
>> >> >
>> >> > On Wed, Aug 3, 2011 at 9:37 AM, Susan Briere <[log in to unmask]>
>> >> wrote:
>> >> >
>> >> >> Thanks for the reply, Paul. What do you think of OpenDNS as an
>> >> option?
>> >> >>
>> >> >> Susan
>> >> >>
>> >> >>
>> >> >> On Tue, Aug 2, 2011 at 2:48 PM, Paul Wood <
>> [log in to unmask]
>> >> >wrote:
>> >> >>
>> >> >>> You can't, not unless you man in the middle it. In this case there
>> will actually be two ssl sessions going on. One between the proxy
>> >> server
>> >> >>> and say gmail and the other between the client and the proxy
server.
>> >> >>>
>> >> >>> If you used a self signed certificate it would prompt the user,
but
>> >> you
>> >> >>> could get a cert from GoDaddy.
>> >> >>>
>> >> >>>
>> >> >>> Paul Wood
>> >> >>> P. 802-382-1720
>> >> >>> [log in to unmask]
>> >> >>> Systems Administrator, ACSU
>> >> >>>
>> >> >>> ♻ Please consider the environment before printing this email. ♻
>> WARNING: This message may contain information that is confidential
>> >> and/or
>> >> >>> protected under the Family Education Rights and Privacy Act or
>> other lawfully recognized privilege. If you receive this message in
>> error
>> >> or
>> >> >>> through inappropriate means, please reply to this message to
notify
>> >> the
>> >> >>> Sender that the message was received by you in error, and then
>> >> permanently
>> >> >>> delete this message from all storage media, without forwarding or
>> >> retaining
>> >> >>> a copy.
>> >> >>>
>> >> >>>
>> >> >>>
>> >> >>>
>> >> >>> On Tue, Aug 2, 2011 at 2:24 PM, Susan Briere <[log in to unmask]>
>> >> wrote:
>> >> >>>
>> >> >>>> Currently have a CentOS 5.2 server running DansGuardian. The
server
>> >> has
>> >> >>>> one network interface. Added a rule to IPTables to redirect all
>> >> Port
>> >> 80
>> >> >>>> traffic to 8080 and Dans' passes it on to Squid and it works
great.
>> >> Not sure
>> >> >>>> how to handle SSL traffic on port 443, though. It's getting
>> >> dropped. I
>> >> >>>> understand that I can't redirect port 443 as it could technically
>> >> act
>> >> as a
>> >> >>>> man-in-the-middle, which would not be kosher. Are there any
>> >> reasonably
>> >> >>>> straight-forward solutions that would allow the SSL traffic to
>> >> proceed?
>> >> >>>>
>> >> >>>> I know there are more involved solutions, as well as more
>> expensive solutions, but this is what we have for now. Hoping for
>> a sweet workaround...
>> >> >>>>
>> >> >>>> Thanks much, Susan Briere
>> >> >>>> Technical Support, RNESU
>> >> >>>>
>> >> >>>
>> >> >>>
>> >> >>
>> >>
>> >
>>