D-Link Forums
The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: Fluke on April 07, 2011, 05:49:15 PM
-
I made another post about this, but I'm looking for people to confirm and build a vocal majority for this issue as I believe it's a significant oversight that affects most of us.
If you try to use Parental Controls to block Facebook, the Google Chrome browser will still allow access to the site via https. Internet Explorer and Firefox won't get through.
I was told today that we need to wait for a firmware update to resolve the issue. I doubt there will be any further revisions for this aging router.
I would guess a lot of people buy the 655 for its flexible access/parental controls, and I'd have to assume that limiting Facebook time is also a priority.
Please chime in on the issue and see if it doesn't work right for you, and if you care about whether or not it gets fixed.
Thanks.
-
As far as protecting the kids, two things come immediately to mind.
1. Get rid of Chrome and use another, better, browser.
2. Do your blocking of sites with a good software firewall, usually available with antivirus, (not freebee) internet security suites. These should be installed on every computer in your home.
I consider a firewall router like a security guy at the front door of a nightclub. He is there to maintain general order and keep out obvious troublemakers. However, inside the club, you need bouncers to make sure that disorder isn't spawned by not-so-obvious threats. The software firewall is your bouncer and can be fine tuned to your liking. I cannot imagine a child's computer wiithout an adult monitored software firewall suite installed.
-
I agree, if parents are really in control then they can remove chrome from the childs PC, and if they really want to inhibit access to FB then they and easily edit the host file or get 3rd party parental controls and block sites.
You have to understand that routers are made to route traffic. There doing there job. It's up the OEM on how much extra features are added like parental controls or filtering they put in these things. Keeping up with web site technology changes everyday. So sometimes the features become out dated or not useful on the router, this may or may not be a FW issue, depending on the severity and impact it has on customers. Theres other alternatives to taking control over ones house hold users besides trying to make routers do all the work. People have to be proactive and responsible in teaching there children good use of the Internet and certain sites.
Over all, it's probably a cat and mouse game when it comes to access between parents and children. Children can be crafty in finding ways to gain access. ::)'
My 2 cents.
-
Kids, being what they are, will always find a way to get around firewalls, software and anything you do to their PC. If you have a hardware firewall, and they don't have access to it, that provides a little bit of control that they will find harder to work around.
Good security is a combination of strategies, not just a bunch of dumb software on a PC that is mega-easy for them to disable or work around.
If manufacturers, like D-Link subscribed to the attitude that PC software was the best and only solution, I'd suspect they would not beother with the hardware controls that they build into their products. But if you're going to build it in, then it should work.
-
So... you *can* confirm that it does exhibit the same behavior on your systems?
-
The only thing keeping kids out of a hardware firewall is a complex password.
FYI, Software firewall suites use the same method of keeping kids from changing their settings.
I don't see the logic of your post. Hardware=Secure, Software=unsecure?...is not so, unless child is a computer geek and versed in cryptology. If that's the case, neither will do and you should not stress over it.
-
Holy crud.
My goal, like millions of other parents, is to minimize distractions during homework time. Goofin' off on Facebook or YouTube is perfectly fine during other times of the week.
A lot of teens can't quite keep off Facebook and YouTube during homework time and it's no different with a LOT of working adults, hence the need for site blocking at offices around the globe, right?
The parental controls are a big selling point of this router. They put it on the box and everything. No matter how you slice it, the controls should work as indicated.
And a router's job of routing traffic seems perfectly inline with this. I'd imagine that's why they built the feature in.
-
So, to block with the firewall.
Make a rule
check dns relay
activate rule and web filtering
enter:
facebook
youtube
as sites to block, not the whole URL, just as written.
-
That's right.
...and Chrome gets right through.
-
If Chrome gets through your router, then there really can only be one cause. Chrome is using it's own IP/DNS proxy and not the one that the router is protecting.
Make sure Chrome is using your router as the DNS/IP source by hard setting your browser's proxy to the IP address of the router. Note that the fix is adjusting the browser, not the router.
*****
I sometimes will use IP "hiding" or hidden proxy server programs. When I do, the router is useless as it is effectively being bypassed. That seems to be exactly what is happening to you. To duplicate my trial, download a program called "Free Hide IP" from the WEB. When your IP is hidden or when you use a "proxy server" your router will be bypassed, unless you change the browser settings yourself. I have never used Chrome, so, I hope it has adjustable settings like all the others.
-
Thanks for the info. I tweaked all that and it did work, but I could only figure this out as a temporary fix. I think it depends on having a static IP, or maybe I did it wrong.
The "Change proxy settings..." in Chrome just hands you off to the Windows Internet Properties page, where you can then configure the proxy server.
Okay, but plugging in the router's IP of 192.168.0.1 didn't fly, so I had to use the IP of the modem. That'll change before too long and when it does, the fix won't work.
...or have I done this wrong?
-
One more try with more specific recommendations. Do you have and A or B router? If it's a B, someone else will have to assist. If it's an A and you have Dynamic IP from your ISP, try these settings or permutations of these settings.
Internet Setup
Try both advanced DNS checked (like mine) and unchecked.
Check Unicasting
Network Setup
Enable DNS Relay
Check Netbios Announcement
Check Learn Netbios from Lan
I recommend that you use static IPs or DHCP reservations for all workstations etc.
On each workstation NIC, or at least the kids computer, use the router's IP for DNS server address discovery in TCP/IP
Hope this helps.
-
Thanks. I do have a B router, but I still tried various iterations of those settings. No luck.
Let's go, D-Link.
-
Well, we gave it our best shot.
In talking with another Network Admin, she reminded me that Google is the largest, most deeply intrusive, organization on the WWW. They are gathering your information to sell, every time your computer is turned on. Surly you have Google-Analytics on your blocked site list as everyone should. She found it quite disconcerting that anyone would use a Google browser product and not expect it to have inner-workings that was loaded with backdoors, etc. She told me to tell you that she would bet money that the proxy configuration page in Chrome is just a placebo and they will route you where and how they wish to ensure that they profit from your patronage.
I'd say that is qute possible.
Good luck to you.
-
i agree, i have a friend that comes over for dinner every friday, and he runs what ever on all out systems in our home, and finds tons of stuff my son has installed, he has started blocking even his ability to install anything, becouse that google trash keeps getting installed, although once we got rid of anything to do with that site, every blocked page is now blocked for good,.. get rid of that chrome software, and i think your issue will be resolved
-
Google may be the devil, but you have to place the majority of blame on the router's parental controls. It should block sites it says will be blocked.
Aside from that, Chrome is a free download that is readily available. So is Opera. So is Safari. So is whatever someone thinks up next. These are all available for you in about four clicks. Do I have to install and check every one each time they update?
If I have to jump through hoops to try to lock down a teenager's computer to the point where they can't install anything, that's counter-productive for me and the teenager, and it still means the router's parental controls aren't doing the job they claimed they would.
Chrome, however awful and nefarious it may be (though it is pretty fast) is just the flavor of the month today. Something else will come along later that may get through the parental control, too, and I'll be trying to figure out how to lock that one down, right?
Or the firmware could figure it out, like it probably should.
But thanks again for your help. I do appreciate it.
-
Can the router block by protocol or IP address? It's kinda hard to block a keyword in a URL that is encrypted https so you may have to block all https traffic, which I doubt you want to do. More importantly, I don't see how it is counterproductive to monitor and manage what the kids are able to see/do. You either want control or you don't. If you want control over what and when certain sites are accessed get a full blown content filter or software that is specifically designed to do so.
The bouncer analogy is right on the money marmoduke.
-
Thanks. Blocking https works, but you're right that it also blocks another site I need to allow.
If there's a way to allow an exception, then that would be awesome.
The general consensus here seems to be that it's Google's fault for exploiting a vulnerability in the parental controls, and my fault for allowing my high schooler permission to install software on her own computer.
It's counterproductive when I have to be available to type in an administrator password in order for any .exe or plug-in to be installed. If you're trying to apply this level of security and control, your kid probably shouldn't be on the Internet because, don't kid yourself, the WWW can't be watered down to a G rating.
Hard to believe I need to buy a Sonicwall appliance and pay a $300/yr license just to limit access to Facebook. My D-Link (and Cisco, and Netgear) router said "parental controls" right on the box. What was that about?
-
Just curious, have you presented this issue with any on at Google?
Checked there forums for this?
I how they want users to use Chrome:
http://www.zdnet.com/blog/btl/why-is-chrome-so-important-to-google-its-a-locked-in-user/47295?tag=nl.e539 (http://www.zdnet.com/blog/btl/why-is-chrome-so-important-to-google-its-a-locked-in-user/47295?tag=nl.e539)
-
Try as i might, I still see no fault with the site blocking on my A router. I only wish it had more capacity.
To micromanage a computer, get a good software firewall. Your router is protecting the IP/gateway it is assigned. Chrome is using something else. To use a software firewall to block how Chrome is routing would most likely kill your internet via Chrome. The router is not a full blown firewall, it just macro manages and is best used with generalities like:
rolex
advert
click
free
cash
offshore
spy
google-analytics
adult
offer
adserve
traffic
redirect
promo
offer
-
I would guess that, since it has to be installed on her computer, it wouldn't be hard for my daughter to figure out how to disable or uninstall the firewall software.
I'm not by any means bent on using Chrome. If I manage to keep everyone in my house from using it, it doesn't solve the problem for the next guy who finds this glitch.
I haven't bothered trying to contact Google about it because I figured their response would probably be something like, "Cool!"
Just typing Facebook login into the address bar and clicking the top search result lets me login every time. What, besides that, is the difference between the A and B routers?
-
This easiest way to keep them from going to sites is to tell them not to do it and if they do they lose the use of the computer.
-
To be honest, I came to a D-Link forum more seeking computer advice. I get my parenting tips from Dr. Phil's website (username: DaddysCry2)
The solution I thought was easiest was to log onto her Facebook account, change her password, and change her contact address to mine. Done and done. ...and I can prove it works.
-
How do you have her computer account setup? Make her a limited user on the system and have a password protected admin account with your name and then setup the parental controls on the system to keep her out of places hat you don't want her in.
-
I would edit the host file too...if you want to keep her off FB entirely that is.
-
I tend to agree with Fluke. What is the point of developing access control, and website filters on certain time of day if all my 10 year old needs to do is type an " s " after http and the whole www is there at any time.
Sure , you could block the whole thing with firewall and parental control, but still , I think DLink dropped the ball on that one and at least don't advertise it as a feature.
-
I believe the controls do work, just depends if the configurations are set up correctly.
i do believe DNS Relay and Advanced DNS Services need to be used along with configuring Reserved IP addresses, Scheduling, and Access Controls.
If your having problems with Parental Controls, its recommended to contact your local D-Link support office, maybe level 2 and ask them for help.