Networking/Computing Tips/Tricks

Rate this content:
5 of 5 - 1 votes
Thank you for rating this article.

We recently received the following query via email (some content edited):

I heard you speak a few weeks back and have a few questions regarding the "How to Parent the Internet" segment of your presentation. Is there a certain software required for blocking offensive content? Also, is there a standard way to block most or all pornography sites?   Any insight would be appreciated or if you have a website you could direct me to where I could find some of this information!

This is a great topic for discussion, and here is the response sent:

Thanks for the email query.  Hopefully I can give you an answer that will help.  If you have follow up, don't hesitate to ask.

You can block sites using your home/small business router.  There is a separate article on that. 

Let's start with a quick and easy trick that may work (remember that anything configured on the local machine can be adjusted):  to block websites on your home computer without investing in expensive software do the following:

Step 1: Click the Start button and select Run. Now type the following text in that Run box:

notepad c:\WINDOWS\system32\drivers\etc\hosts

Note: if you get a message "cannot create the C:\WINDOWS/system32/drivers/etc/host file and make sure the path and file name are correct”, go to: C:\WINDOWS\system32\drivers\etc.  There is a file called ‘hosts’.u,  click on it and it displays an ‘open with’ window.  Now, dont click on it, but right click and select properties.after that uncheck read-only from the bottom of the window that will ok to close the window.  You should be good to edit the file now.

Step 2: You will see a new notepad window on your screen containing some cryptic information. Don’t panic. Just goto the last line of the file, hit the enter key and type the following:

Save the file and exit. That’s it. None of the above sites will now open on your computer.  You can block as many websites as you like with the above technique. If you want to remove the ban later, open the same file as mentioned in Step 1 and delete the above lines.

Let's move on.

I probably mentioned Australia in my talk.  Here is a great link that I recommend you read in its entirety about what goes on there:

Hopefully you have already seen some great links by either reading parenting the internet or by simply typing "parenting the internet" into your favorite search engine.

The answer is a complicated one, because it depends where you want to insert the roadblock.  But before I go there, let's discuss the roadblock options and issues, defining what the block is going to do.

Pornography on the Internet is really like any other content from a standpoint of how the content is accessed and transmitted across the Internet.  Content is contained on web sites, usually as files, that are accessed by selecting the file from a list on the web page.  Web sites are located at web pages.  These have IP addresses.  So one way to block access to the content is to ban transmittal of IP packets to those IP addresses.  The challenge here is how to collect a complete list of such addresses.  As new sites come on the scene, or if XXX web sites change their IP addresses from time to time, the challenge is further complicated by keeping the list current.  Another option would be to find certain key words or phrases contained in IP packets, and if those words or phrases are found, the packets are filtered (deleted).  The challenge with this method is one must look inside IP packets (snooping) which is more work.  A further challenge is what if the match is a false positive and prevents access to a legitimate page or source.  Lastly challenging here is that videos and sound clips don't have phrases in them, so they can fly right under this filter method.

The next challenge is where to create the roadblock.

Let's talk about the points starting at the end user PC.  Certainly the end user PC could have a program installed that will block the content.  There are software programs out there that do this.  The challenge of this method is that it requires administration on each PC it is installed onto.  Here are some end user PC programs:

Keep in mind that you can also configure your browser to be more secure.  Here's how you do it:

  1. Click "Tools"
  2. Click "Internet Options..."
  3. Click on "Content" tab
  4. In the "Content Advisor" section click on "Enable..."

You are now in the Content Advisor. From here you can set your settings.

  • "Ratings" tab - Set rating levels for: language, nudity, sex and violence.
  • "Approved Sites" tab - Name sites that you will allow your children to always view or name sites that you never want your children to view, regardless of the site's rating.
  • "General" tab
    • Allow or disallow your child to see sites that are not rated.
    • Create a password - this is great for use with older children. You set a password, then if your child goes to a site they want to see, but it is a disallowed site, you can allow the site using the password. You will have the option to always allow the site or only allow it this one time.
    • View or modify the rating system

The next spot to do blocking is in the customer home/business router/gateway, you know, the NetGear/Linksys/D-link box.  Some are better than others, but you can configure some to simply block access to a list of sites that are offensive.  Check out an example video at

The next spot is in the service provider network that you can sell as a service.  In order to locate the IP address of a site (for example if I type in my web browser), the first thing that happens is that the web browser and my protocol stack attempts to look this URL (Universal Resource Locator) in a domain name server or DNS.  When you sell Internet services you provide an IP address to your users and a DNS server address they must use.  The usual DNS allows connectivity to everyone known on the public Internet.  However, you could install an optional DNS server in your network that will not return the IP addresses of the offending sites, therefore the URL to address cannot be resolved and therefore the site becomes unreachable.  One such free tool can be found at:

Coming soon is that all XXX content providers will be required to use the instead of names.  This is part of the Web 3.0 vision.  This will make life much easier, but managing compliance will be tough.

As a service provider, you do have large routers in the network.  Those routers can be configured to apply access control lists to interfaces facing your customers.  There is information on this at and other manufacturers.

Another thing the service provider can do is to buy and install a really good firewall system.  There are a number available (see Barracuda, and among others), but these can be configured to do filtering and blocking as well as virus, trojan, and other malware filtering.

I have rambled on enough for now.  Bottom line is that none of these approaches is perfect and there are so many social issue involved (I am no expert on those).  All you have to do is type "defeat parental controls" into your search engine and you will see that the community trying to develop solutions is matched by a community trying to find workarounds.  My personal opinion is that you must develop a balance of multiple touch points, but love the idea of a DNS service that can succeed 90%+ of the time.

This is a fairly deep subject, I hope I have hit somewhere in your needs ball park.  I look forward to your follow up.

I hope you find this article and its content helpful.  Comments are welcomed below.  If you would like to see more articles like this, please support us by clicking the patron link where you will receive free bonus access to courses and more, or simply buying us a cup of coffee!, and all comments are welcome! 

Add comment


Did you learn something?
Did I save you time? 

Buy me a coffeeBuy me a coffee!

Find by Tag

5G Networks 6LoWLAN 6LoWPAN 802.11 802.11ah 802.11ax 802.11ay 802.11az ACL Addressing Analysis Ansible Architecture ARP Assessment AToM Backup Bandwidth BGP Bibliography Biography Briefings CBRS CellStream Cellular Central Office Cheat Sheet Chrome Cisco Clock Cloud Computer Consulting CPI Data Center Data Networking Decryption DHCPv4 DHCPv6 Display Filter DNS Documentation ECMP EIGRP Ethernet Flipping the Certification Model Follow Me Fragmentation Git GNS3 Google GQUIC Hands-On History Home Network HTTPS ICMP ICMPv6 IEEE 802.11p IEEE 802.15.4 In A Day Internet IOS Classic IoT IPv4 IPv6 L2 Switch L2VPN L3VPN LDP Learning Services Linux LLN Logging LoL M-BGP MAC MAC OSx Macro Microsoft mininet Monitoring Monitor Mode MPLS Multicast Name Resolution Netflow NetMon netsh Networking Network Science nmap Npcap nslookup Online Learning Online School OpenFlow OSPF OSPFv2 OSPFv3 OSX Parrot Passwords pcap pcap-ng PIM Ping Policy Port Mirror POTS POTS to Pipes PPP Profile Profiles Programming Project Management Python QoS QUIC Requirements RFC RIP Routing RPL RSVP SAS SDN Security Self Certification Service Provider Small Business Smartport SONET Span Port SSH SSL Subnetting T-Shark TCP TCP/IP Telco Telecom 101 Telecommunications Telnet Terminal TLS Tools Traceroute Traffic Analysis Traffic Engineering Training Travel Troubleshooting Tunnel Utility Video Virtualbox Virtualization Voice VoIP VXLAN Webex Wi-Fi Wi-Fi 4 Wi-Fi 5 Wi-Fi 6 Wi-Fi 6/6E Windows Wireless Wireless 5G Wireshark Wireshark Tip WLAN ZigBee Zoom

Twitter Feed