A Father’s Guide to Filtering Out the Big Bad Internet

As a father, I want to protect my children and myself from the bad side of the Internet, pornography, malicious software, identity theft, and the like. But, with more than 634 million websites out there and growing, how can I filter them all?

Disclaimer: What qualifies me to tell you what to do? Nothing, really, other than the fact that I’ve used the Internet nearly daily since 1996, designing websites and researching projects for school through a bachelor’s, master’s, and now doctoral degrees. I’ve got eight children to care for and worry about, and I’ve tried to keep them and myself safe on the Internet through all that. Honestly, there have been times when I’ve failed at keeping the big bad Internet off my computer, but that’s another good qualifier. I’ve seen what you don’t want to see, therefore I know some of what to protect against. I assume no legal responsibility for the outcome of disputes that may arise from following the advice contained herein. Using these methods to abuse or coerce will find you estranged from your child at best. Another caveat to my suggestions contained on this page: I do not presently accept, nor in the past have I accepted, payment or special treatment from the vendors of any product I mention herein. I’m doing this out of love and concern for all the other parents out there who, like me, want to protect their families from the big bad Internet. Finally, I will moderate the comments. If you have something to add, or correct me on, feel free to comment. If it helps me, I’ll allow it here to help others.

First, you can’t filter out every bad thing from the big bad Internet on your own. But don’t let that discourage you from trying. An elephant is eaten one bite at a time, a mile is walked one step at a time, and honestly, you shouldn’t have to block every bad site by name to be effective. And, you should be able to do all of these things without spending a dime. Of course, there are solutions that cost money, but I’ll save that for another time.

Do you still want to filter the Internet on your own? Yes! Good! Let’s get started. First, you’ll need just some basic computer knowledge, like how to type, and navigate the file structure. Second, you’ll most likely need to know how to use the administrative account on your computer. Third, get a pen and notebook to write down those little sparks of inspiration, because I actually want you to think about and do these things.

If I’ve scared you already, let me put your mind at ease by telling you that you most likely already know some of this stuff, but don’t know you know. If you are the sole user or only have one account on your computer, it is most likely the/an administrative account, so don’t worry. If you usually ask a friend or close relative to help you with computer stuff, it might be a good idea to get him or her involved in this, so you can complement whatever they already have in place.

If you would like to put some of these safeguards in practice at your workplace, ask your system administrator first. He or she might have some better suggestions, and in most cases, hopefully, would be excited to help you, because it means one less system to worry about getting infected with the big bad Internet.

Here are the layers of security to address to help keep your family secure on the Internet:

Layer 1: Physical Access
To control the Internet in your home, you have to control the devices that bring the Internet into your home. Your wireless router, your Wi-Fi hotspot, your broadband Internet service, and your cellular phones and contract all have two things in common: they connect you and your family to the Internet, and they are yours. If you have paid for them, you have every right to control what transmits across them.

Parental Controls
Did you know that parental controls have been a good part of the Microsoft Windows operating system since Vista? Are you using parental controls? You should! If you have different accounts set up for each user of the family computer, you can set time limits, hours of use, program limits, websites, etc. for each user and let the computer monitor your child’s use. I highly recommend this feature. However I have found some problems with it, such as setting the program limits too high and then the child not being able to access anything. This takes some getting used to, but is worth it.

Time and Place Rules
Set rules to govern usage of the family computer such as where it will be, who can access it, when it may be accessed, and set time limits for use. These are not only good for helping block the big bad Internet, but also for helping your child establish skills of self-regulation. If a teenager only has two hours to do research for a paper due tomorrow, they will hopefully not spend that time on Facebook. If you have other computers in the house, only allow one to access the Internet, the family computer. You can help accomplish this with a small USB drive, which the child may already have to keep school documents on. Read below to control the wireless access in your home in Layer 3.

Simply setting house rules to govern the when, where, and how long of Internet usage might be enough. I wouldn’t bet on it, but if your children are as wonderful as mine, this could be all the safeguard you need. However, don’t be fooled by feigned obedience if this is your only layer of security. You’re the parent, do the work to be sure.

Some suggestions on specifics:

  • Put the family computer in the middle of a room that is used by everyone and only allow access during the daytime.
  • Only allow one computer, that family computer, to access the Internet. You may need to change the router settings to do this. See below for more information on this topic in Layer 3.
  • Regularly check every personal computer’s files, photos, movies, and music. See below for more information on how to search in Layer 7.
  • Only allow an hour or two for Internet use. If you have more children, you may need to cut this down so that all who need get access, without going too late.
  • Set a bedtime for the Internet, such as 9, 10 or 11 p.m. – definitely, not past midnight. If using Parental Controls on Windows, you can set this system-wide – the whole computer locks up at a specified time.
  • Set the parental controls on Internet-capable TVs, game consoles, and the like.

As the parent, you also need to obey these time and place rules. The only exception should be if you work from home. Even then, you should be willing to show your children what you are working on at any time. And hey, it might give them an idea of something to do later in life, or give you something to talk about. Just stay off the big bad Internet yourself. Children can tell when you are being a hypocrite.

I could insert a big discussion about children’s rights but I won’t. I assume you love your family and are only doing this for good, helpful reasons, nothing nefarious. Check the laws in your state to see what property your child has legal claim to. If you allowed your minor child to buy a device that gives Internet access, you may still be able to control it by virtue of fulfilling custodial guardianship.

Please, please, please find a solution that works for your family. Many mobile devices can access the Internet. If you are only concerned with the family computer, you’re missing the biggest tool your child can use to let in the big bad Internet. Please do these things:

  • Take physical control of all Internet-capable devices at night.
  • Further, set limits on friends’ devices. Have a basket wherein all visitors – yes, even your friends – must deposit their device upon visiting the home. This will keep children from viewing the big bad Internet on friends’ devices inside your home, and it might get you socializing more offline!
  • Take your child’s device(s) at random intervals and check the chat history, photos, files, and music. If there is anything amiss, discuss it with your child in love and concern. This is called parenting not snooping, and it works.
  • Check the phone records. Did you know that many of the contract-free prepaid phones allow you to check online for the records of phone calls made, received, and text messages sent and received. Discuss these with your child.
  • Unlimited only means you the parent do not pay more per minute/text/transfer than a flat rate, not that the child gets unbridled access. You can still set rules for using the device.
  • Pre-paid is best. You might think the convenience of having all the family’s devices on the same contract is best because it saves you money, keeps the numbers easy to remember, or whatever. But it ties your family to a contract; it controls the budget, access, and removes any bartering power you have to control the devices. Imagine you have trouble with a child always going over the limit on texting. With a contract, you have to pay for those overages, or if it’s a shared plan, you lost all the texting for your own phone. Even if the texting limit can be forced per phone, next month, your child can again send as many texts as he or she wants. With pre-paid, you can just stop paying to enable that bad behavior. This isn’t mean, it’s good parenting.

Layer 2: Passwords
If you’re like most families I know, you have one family computer. If you have a password on this computer, it’s the only password, and it gives the user access to the main administrative account. This is great to keep everyone off the computer that doesn’t live with you…but how many of those people get into your house to use your computer? None.

I hope beyond reason that your child doesn’t know that password. I fully believe he or she does. Maybe you told the babysitter, your brother, or someone else who needed it, or maybe he just watched you type it in. Your child probably knows it! Change it often. But, most importantly, know who in your home knows it! From a social engineering perspective, your child is smart enough to figure out your maiden name, your pet’s name, your anniversary, etc. Most hacking is made easier by simple social engineering. And don’t use the same password everywhere!

As for the password, you should choose a passphrase instead. Of course make it complex. Use capitals and special characters. But, don’t just make your password complex make it long! A hacker has said, “For everyone using six- to nine-character passwords with ‘complexity,’ I appreciate it. I get paid to break in to systems for a living, and you make my job easier.”

Some ideas on passphrases:

  • A six character alphanumeric case sensitive password gives 62 possible characters (26 lowercase, 26 uppercase, and 10 numbers = 62). Figure the combinations as 62 to the 6th power or 56,800,235,584 combinations. Impossible to break right? Wrong, your teenage child could crack it with some free software on a USB drive in 2-5 minutes.
  • Even faster if everyone in the house knows the password!
  • A sixteen character alphanumeric case sensitive passphrase would take a little longer.
  • I recommend at least 15 characters case sensitive with special characters. In fact, my favorite was 32 characters case sensitive with special characters. It took forever to get down at first, but it got to the point that I could type it in a matter of seconds.
  • What should you use as a passphrase? Either jumble together some random words, a line of poetry, or pick a line from a song. But, not your favorite song! And don’t hum it while you type it in! If you need to add the special characters, use a zero for an o, a 3 for an e, a one for an i.
  • If you’re still stumped, find a passphrase generator online.
  • Layer 3: System Level Protection
    Hosts File
    What is a hosts file? Computer magic! Well, not magic exactly, more like misdirection. I know, this description isn’t complete and is a little simplified, but it will help put the hosts file into perspective for folks who might not have had experience with it: When you type an url into your browser, such as youtube.com, your computer first takes that request and goes to look for the hosts file. If there is an IP address assigned to the domain you requested. Your browser will pull up the IP address assigned. If there isn’t one assigned, it goes to look outside your computer to the network, and eventually to the larger Internet.

    Here’s the trick with the hosts file. If you list an IP address in the hosts file, your browser will go to that IP address instead of where the Internet outside your home says to go. For example, let’s say your young son likes to visit a website devoted to Superman, supermanhomepage.com. But, let’s say he visits there every day for hours on end instead of doing homework or chores. Add the offending url to the hosts file and he will no longer be able to reach that site. OK, truth be told, I like the Superman Homepage, so I hope there are no hard feelings from the folks over there for using their url in my example.

    For more information on how to set up a hosts file, go to this website (http://winhelp2002.mvps.org/hosts.htm). Go to that site even it you don’t have a windows machine, because they have a huge file that lists a bunch—thousands—of unwanted sites you can copy into your hosts file. They even have instructions for how to set it up on Windows Vista, Windows 7, and Windows 8. For those of us Mac users, go here (http://blog.grapii.com/2012/08/how-to-edit-the-hosts-file-in-mac-os-x-10-8-mountain-lion/). If either of these sites are down, just do a search online for “hosts file” for your operating system.

    User Access and Parental Controls
    This has already been discussed above. If you haven’t taken the initiative to look into parental controls on your computers and other Internet-enabled devices, do so now.

    Router Level Controls
    When I first signed up for the Internet service at my house I was naïve. I talked to the techs and asked what could be done to maintain and control access at the router level. I was erroneously told that if I needed to make changes, I would have to call in to have a tech work on it, free of charge, but still, nothing I could do myself. For a few years that was my procedure, I would call to add a device, or remove one, etc. When I found out that my son had access to the router—he showed me because I have a good honest son—I was very upset with the service provider. However, it gave me the fire to learn all about this router and what was possible to do to control.

    I have the ability to change the wireless password if I think it has been compromised, add or remove devices, assign schedule of access, assign IP addresses for the allowed devices, backup and restore incase the router resets itself, and I can do a block filter on keywords. There are so many routers and service providers out there that I can’t really write up instructions on each. You will need to find out which router you have, if you are allowed based on your contract to access and make changes, and keep it doing what you want it to. You may even want to look into a second router, to go between the one your service provider and the rest of your network, that you have access to make changes.

    One final comment on routers: if you are able to access and change settings or request changes from your Internet provider to your router. Make sure you use a WPA2 Wi-Fi password if possible. WEP and WPA are becoming so very easy to hack these days. And the same rules apply to your Wi-Fi password as your system passwords: make them long and difficult, see above.

    Layer 4: Antivirus and Spyware/Malware
    “Do I really need antivirus if online I only go to ___________?”
    “I have ___________ on my computer, but it might be old, should I be ok?”
    “I don’t need antivirus if I have my hosts file and Adblock on, right?”
    “Do I need antivirus on a mac?”

    Every time I am asked about these, I give the same answer, “You need a good antivirus, and you need to keep it updated!” There are plenty of good free options out there. For antivirus look at this list on PCMag.com, (http://www.pcmag.com/article2/0,2817,2388652,00.asp).

    Some antivirus programs have built-in malware and spyware removal software. This is OK, but I still recommend at least one more malware/spyware program. Here’s why: the libraries for the different malware detection programs are going to be different. One product might detect for a large list of nasties. Another product might detect for another large list, with a little overlap, but not be completely duplicated. A third gives you even more coverage. For example, I’ve had Spybot Search and Destroy find nasties that have been out and established for a while. Then Malwarebytes found a different set of nasties that Spybot missed, and Spybot missed some of the ones Malwarebytes found. Finally, SuperAntiSpyware found some duplicate items, but then found some that the others missed, and vice versa. Think of malware detection as getting advice from friends. One friend will give their best advice, which will be similar but different from another friend. There may be overlap, and there may not. Either way, you’ve covered more ground with their combined experience.

    A couple final words on antivirus and malware/spyware detection and removal, USE THEM! Neither antivirus nor malware detection does any good if you don’t regularly run it to check for nasties on your computer.

    Layer 5: Web Filters
    If you have all the previous precautions in place, and are using them regularly, your computers and devices should be fairly secure on the big bad Internet. However, one thing is lacking. All the protections—except for router level keyword filtering—only protect from threats to your family that are known. A hosts file only blocks those website urls that you have entered. Malware detection and antivirus only remove threats that you visit, or receive via email or infected usb drives. Passwords and parental controls work to allow access when and to what device you allow, not what content you allow. Parental controls have improved a little, so I may be wrong on this. Overall, the only way to filter out the unknown nasties on the big bad Internet that you don’t know about is with a web filter.

    For a while I used K9 from Blue Coat (www.k9webprotection.com/‎). It was nice to use the different preset and custom levels to block or just monitor. I could put in specific addresses to always block or always allow. It even had time controls. I don’t remember why I stopped using it. Maybe it was because there were too many times where my teenage children were trying to do a valid homework assignment, or my wife needed to get online at a time when the computer wasn’t allowed, and the only way to override was to enter the administrative password. That gets tiring. K9 was great at filtering, maybe I needed more time to adjust, but after over a year of headaches adjusting, my family gave up.

    Now I just use router level keyword filtering. The best part of that is it blocks for all devices on the network, not just one computer. Whenever someone asks about web filters like K9, I say they are good if you can find a good one, and get used to it. Either way, this is my blog, and my opinion, so take it as you will.

    Layer 6: Inspiration/Intuition/Conscience
    Let me just throw this out there, I’m a member of The Church of Jesus Christ of Latter-Day Saints. One thing we believe in is divine revelation through the Holy Ghost—call it your conscience, inspiration, warnings, feelings, or impressions. We believe we are entitled to divine help for all aspects of our lives (See Matthew 7:7-8, John14:26 and John 16:13)—especially in our stewardships with our families. This means, I believe that if I am living the way I should, keeping up my end of the deal with God, I have the right to expect Him to inspire/impress/reveal to me how to be a better father.

    What does this have to do with filtering the big bad Internet? I believe God will let me know when I might be getting near the nasty bad parts of the Internet and keep me safe. I know He has in the past, and continues to warn me. Here’s the cool part. I also believe, because I have experienced it, He can tell me when my child is in trouble—in any situation, including—on the Internet.

    This is an absolute essential layer of Internet security when you have children. This trumps all, augments all, and is the easiest to install. All you have to do is be righteous. I’m not saying to ignore the others and go on faith! No, go on faith, but make sure your works are works that put you into the best position on filtering the Internet, and God will help by making up for your security holes. If you happen to let something slip, the patch update is easy…faithfully repent and renew your covenants to God.

    Layer 7: Search the devices (primarily for pornography/obscene materials)
    Computer forensics is sometimes very easy. But, you don’t have to think of it as forensics, think of it as a checkup. The most important thing to remember is that this is your child. No one will love him or her as much as you do. You need to do these kinds of things in love. Remember that proverb, “A soft voice turneth away wrath, but grievous words stir up anger.” (Proverbs 15:1). If you find something nasty, it’s your job to be the parent, but it’s also your job to be the loving parent.

    An effective search takes time. Remember that if you have a strong concern about pornography on a child’s/spouse’s computer. Also, be as objective as possible. Finding something bad on a computer can be horrific in your mind, but the first thing you find might only be the tip of the iceberg. Alternatively, it may be a true accidental viewing. You need to check anything you find against Layer 6, any logs you can find from the router, Internet service provider and their account of what transpired.

    I’m sorry in advance if your search results in finding pornography. Remember that if you see items that look like pornography listed on a computer doesn’t mean your child has an addiction or has even viewed it! Some viruses and trojans install pornography to use as a hook for more access to your computer.

    To search effectively for images on a windows computer, start in the Documents or Pictures folders through the user’s account. Younger, less experienced users might save photos here. However they might not know how to or may not want to save the evidence.

    Your next move should be to open the web browsers on the computer to check the history. There may be a browser that you didn’t install that is used because the rest of the family doesn’t know about it. Common browsers are Internet Explorer, Mozilla Firefox, Google Chrome, Safari, and Opera. If you didn’t install the browser on the computer, you need to know who did, when, and why. Reasons for doing so may be innocent, so be sure to check your feelings about the situation with Layer 6.

    In each browser there should be a place that shows the history of previous browsing sessions. You can usually even search these for keywords that indicate possible pornography: hot, sex, sexy, naked, nude, xxx, etc. Remember the four letter words as well. These will be very telling if there was pornography viewed on the computer. Be sure to remember that while searching for pornography in the history, you don’t want to view it yourself, and pop-up and banner ads will show up sometimes even though the child didn’t go to that specific site.

    However, a page with that kind of title in the history doesn’t necessarily mean pornography. Here’s a case where a good relationship will win out over pornography. Just go ask your child what they saw on the Internet. Be loving, interested in their view, and non-judgmental. If you see something of the big bad Internet in the history, you need more information to help your child. Odds are, he saw the pop-up, closed it, and felt uncomfortable about it, but didn’t know how to bring it up to you. However, on subsequent and more severe offenses, you might want to be more guarded in what you believe. Addictions and lying go hand in hand. But, that’s just good parenting.

    Also check the “recently closed tabs” and “recently closed windows” in the browser if possible. If the history is blank, this can mean two things: they browser has been wiped, or the browser hasn’t ever been used. Again, ask those who use the computer when, and why.

    Please do this as well:

    • Check the “Web History” in the google accounts. If you do it right, you can set up one account for that computer, and store all the search history. Then next time, you can view that…or even check on the history from another computer. This doesn’t get erased when the browser history does, so it’s another check you can do.
    • Check YouTube watch history as well. Also set up one youtube account for the family’s computer.
    • If your children have their own email, search, video site, etc. accounts, you need to have access to them. Again, it’s your legal responsibility until they are of the age of majority and can manage their own affairs.

    Next, hit the Start Menu/Windows button in the lower left corner, or the Spotlight on a Mac in the upper right corner, and search in the search box. You type in “.jpg” to see all JPEG images. While you type it in on a Windows 7 machine you’ll see some results, with a “See more results” at the bottom. That will show all the JPEG images saved to the computer. Scanning through them might take a while. Again, those who have been previous offenders may not save the files locally, and will most likely clear the history on the browser to clear the trail. Also search for video files: .flv, .mp4, .mov, .wmv, etc.

    There are other places to look, but by this point, you should have a good idea of whether or not pornography has been viewed on the computer. Be sure to remember to check USB drives as well.

    If your child has a smartphone, webTV, or Internet-enabled game console, I again admonish you to regularly but randomly check the photos, apps, and messages. You may want to keep a note on how many chat conversations and/or the last time it looks like the device was wiped clean. If this happens at an unusual frequency, check your feelings (see Layer 7).

    If your child has a device that you do not have free access to, or do not know the password to, your child doesn’t need that device. You are legally responsible for anything that child does. It doesn’t make legal sense for him or her to have a means to communicate with anyone in the world without your consent. When I was growing up we had to ask permission to use the telephone, especially the long-distance. I’m pretty sure it didn’t stunt my growth any. Besides, it gave me a chance to talk to Mom or Dad about who I felt I needed to call.

    You can filter out a whole lot of the nasties on the big bad Internet by a few steps. Remember these layers and put them into place:

    • Layer 1: Physical Access to Internet-enabled devices. Don’t forget game consoles and mobile devices
    • Layer 2: Passwords, or rather long complicated passphrases
    • Layer 3: System Level filtering through the hosts file, parental controls, and router level filtering
    • Layer 4: Antivirus and Malware/Spyware – Use multiple and keep them updated
    • Layer 5: Web Filter Software – find one you like.
    • Layer 6: Divine revelation to help you requires you to be worthy.
    • Layer 7: Search the Devices – This is free and easy! Do it often, but randomly, and be thorough.

    Good luck and God bless you in your endeavors to keep yourself and your family safe on the Internet.

    Tagged , , , ,

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.