|
|
|
Hi, this is my first post after joining. Im expecting to have my hyperoptic installed in 2 days time but I've noticed that there is no parental filtering features on the router. Is there any way to have some security. Any insight into this would be much appreciated. The website states that 3rd party routers can be used but would need to support "/31 subnet mask on wan". Im aware that buying a new router would give me these parental features but im not too sure on how many support this subnet mask. Thanks in advance for any help provided
|
|
|
|
Have you contacted Hyperoptic?
|
|
|
Plenty of people using third part routers like the Netgear Nighthawk range
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
Take a look at OpenDNS assuming you can change the DNS settings in the router.
|
|
|
|
I havnt yet contacted hyperoptic about this yet but i am sure there is no filter in place. I am looking at a few routers but im thinking of just using opendns as its a lot more cost efficient. It seems like a few simple steps to get it configured, just really hope it is possible on the router provided.
|
|
|
I presume that using an appropriate DNS setting is something that school children learn these days.
Michael Chare
|
|
|
I presume that using an appropriate DNS setting is something that school children learn these days.
What route do you suggest I take to filter out inappropriate sites.
|
|
|
That is the more difficult question. You could argue with Hyperoptic that it is a service which they should provide, as other ISPs do. Apparently it is not very popular! I don't think you can get a cheap box to put in the path to your router, and even then you would also need physical security to stop the box from being bypassed.
In the days before modern technology. I do recall people at school drawing their own, not that , at the time, I really understood why they were doing it.
Michael Chare
|
|
|
|
Just got off the phone speaking to the support team. I've been told that its not possible to have a static I.p so opendns isn't an option i assume. Would buying a netgear router resolve it. I don't really need military grade filtering. Just enough to block pornography sites.
|
|
|
Netgear Nighthawk R7000 £124.99 on Amazon currently
http://kb.netgear.com/app/answers/detail/a_id/25687/...
Talks about the parental controls, and they actually use OpenDNS, suspect router notifies OpenDNS about WAN IP changes, which is easy enough for the router to do.
Added bonus you'll have much better Wi-Fi with the dual band 802.11ac capabilities
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
Just got off the phone speaking to the support team. I've been told that its not possible to have a static I.p so opendns isn't an option i assume.
You might want to ask them to check, as they seem to offer it (for a cost).
http://www.thinkbroadband.com/news/7518-hyperoptic-a...
Matt
|
|
|
|
Thanks Mr Saffron but it uses OpenDNS and I've been told by the provider opendns would not work on this internet unless I pay for a static IP.
|
|
|
Do they mean CGNAT or dynamic public IP - two very different things.
So long as its a public IPv4 address, static or dynamic won't matter as the netgear router will see the IP change and can happily notify OpenDNS that your account is now using a different IP address.
If support deny that a static IPv4 address is available, did not even include if you were willing to pay the £5/m fee?
Edited by MrSaffron (Tue 29-Nov-16 19:57:01)
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
Support did say something about using CGNat now and I can pay extra for something but couldn't understand properly as by then the little one was screaming her head off. The installation is tomorrow so hopefully I should get some answers from the engineer. Might I also add this forum is brilliant. didn't expect replies so soon. Thanks you
Edited by deleted (Tue 29-Nov-16 20:10:36)
|
|
|
The extra will be a static IP and CGNAT means you don't have a public IP but a shared one which would cause issues using openDNS even if using a router based version like the Netgear uses.
If you don't get answers then come back to us tomorrow and will pester Hyperoptic to get someone to talk to you who does know the answer
|
|
The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
|
|
|
|
Thank you Mr Saffron. So just to make sure I got this correct.... even if I payed extra for the static I.P I still wouldn't be able to utilize OpenDns. I will let you know tomorrow
|
|
|
|
So the hyperoptic has been installed and is live. The installer wasn't quite sure on how to resolve my issue. I've created a OpenDns account and replaced the DNS on the router following the setup guide. It does filter correctly but as the IP is always changing the filters don't stay on the new IP. I've just purchased static I.p. what would be my next step now?
|
|
|
Hello,
You can set your router to restrict specific sites.
To set up URL Filter, go to:
Parental control
URL Filter
Pick the MAC address you put in under Parental Control/User Information
Enable
Choose Discard/Permit
Add the URL you want to block
If you need any further assistance please email [email protected] and our team will be happy to assist.
Kind regards,
Ana
|
|
The above post has been made by an ISP REPRESENTATIVE (although not necessarily the ISP being discussed in the post).
|
|
|
Why don't Hyperoptic offer an option to properly filter traffic for those who want it?
From what I have read it is possible to aquire equipment that does this, and is typically sold to businesses that are willing and have the money to pay for it.
Michael Chare
|
|
|
|
Hi hyperoptic, i have contacted support only to be told you dont filter. I wish I knew Michael.... do you know what hardware this is?
|
|
|
Parental filters are not a substitute for parenting or parental responsibility.
Most 'children' are more than capable of bypassing ISP or DNS filters by using proxy sites, the details of which are passed around and used in schools. If you want to devolve your responsibilities to a third party, look at device level filtering / monitoring - depending on the device https://account.microsoft.com/family/about may be of use.
|
|
|
|
No one said anything about it being a substitute. What are you trying to imply exactly?
|
|
|
Hi hyperoptic, i have contacted support only to be told you dont filter. Hyperoptic don't filter, why should they? They provide internet access to the whole internet not selected bits of it.
If you want filtering, you should install it yourself. As far as I can see you have already been advised on how to do this.
|
|
|
|
It should come as a feature. Why don't you do it for me
|
|
|
It should come as a feature. Why should it?
|
|
|
One of the best ISPs in terms of the broadband itself, AAISP, makes the rejection of any filtering a feature.
As has been pointed out to you, most schoolchildren can get round the mainstream provider parental controls with ease. Quite apart from what they can get on their mobiles. You need to educate them on the fact that porn is nothing like real life relationships and not the place to learn how to behave to others of any gender.
If you also want filtering, then engineer a solution yourself as described by the hyperoptic rep, or using one of the many add-ons. Some people also use a router with guest wifi, put restrictions on that and give that wifi login to their children to use rather than their main one.
How do you prevent them accessing porn at friends' houses?
Kindness isn't going to cure the world of all its awfulness but it's a good place to begin. Daisy Ridley.
My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - AAISP Home::1 80/20. Sync 59998/15108kbps @ 600m. - BQM
Edited by RobertoS (Fri 02-Dec-16 09:43:33)
|
|
|
It's very difficult to do this without using more advanced hardware.
On my own setup, I can (and do) catch ALL DNS requests made on my LAN, and either FORCE them to resolve locally (on a dnsmasq instance) or FORCE the packets onto alternative name servers (OpenDNS). The point here is that port 53 is caught and dealt with. I can configure my system so even if you try and use alternative name servers, it can still route you onto OpenDNS (or somewhere else, of my choosing).
So that's one point that kids would not be able to get around.
The second issue is proxies. Now the only way round that is a proxy on port 80 and 443, again, forcing all such traffic destined for those ports through the proxy (even having it deal with SSL traffic, which I believe is possible on newer versions of squid) and then locking down ALL other ports. Proxy can be configured to block even more interesting URLs and sites, plus becomes a nice method for logging browsing activity.
Shove all this configuration onto a custom wireless SSID running on a confined VLAN, and you just about have something that would be child proof. Make sure you run managed switches, password protected, and lock them in a cupboard so children can't just plug directly into the network on a spare ethernet port, and unplug cables to use ports on those switches that are actually configured. 
This turns into a rabbit hole of issues that need addressed, and I doubt you are going to get any of this on a off-the-shelf consumer router. OpenDNS is a start, sure, but it can be easily circumvented if the setup allows it.
|
|
|
SurfControl did it. (Much to my regret I turned down a being a director when it was set up. As you can see, I would now be a multi-millionaire  ).
What has happened since that wiki was written I don't know.
Roughly speaking it was pre-wifi network connections and worked by having a specialised network card on a machine that accepted all internet requests on the Lan and sent out immediate cancellations if blacklisted. The final link on the wiki article seems to go to where it has now ended up absorbed. No doubt wifi is now covered.
Don't Norton and Kaspersky and no doubt their competitors do it as well? At a more domestic price level?
Kindness isn't going to cure the world of all its awfulness but it's a good place to begin. Daisy Ridley.
My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - AAISP Home::1 80/20. Sync 59998/15108kbps @ 600m. - BQM
Edited by RobertoS (Fri 02-Dec-16 11:09:26)
|
|
|
|
I don't believe anyone should expect their ISP to censor/control their Internet connection - it may be an added feature, but if you need it then you'd have to make sure you're choosing the right ISP.
Another solution would possibly be too technical - something like a dedicated Sophos UTM box, set up to intercept and scan https as well as normal http. This doesn't really prevent unfiltered access through VPNs not proxies, so you'd need to lock down the PC/tablet/etc as well.
Honestly, as it's already been said, most kids nowadays will quickly find a way around most "protection" anyway.
|
|
|
Hello,
Unfortunately we don't have this feature available at the moment.
Kind regards,
|
|
The above post has been made by an ISP REPRESENTATIVE (although not necessarily the ISP being discussed in the post).
|
|
|
TBH this is something you should have checked before ordering.
I think you should be able to use OpenDNS with a dynamic IP.
You just need to use a DDNS client which can be run on some routers (I think even BT homehubs) otherwise on a PC.
Some info here - https://support.opendns.com/hc/en-us/articles/227987...
Edited by smouty (Mon 12-Dec-16 10:39:54)
|
Pages in this thread: 
Print Thread
