Coldblackice
[H]ard|Gawd
- Joined
- Aug 14, 2010
- Messages
- 1,152
What are some of the most common ways that the average home user might employ to get around restrictions?
I'm trying to lock down a machine from any lascivious "love-watching", but it's been a while since I've had any dealings with machine restrictions.
So far, I've installed K9 (by no means perfect, of course). I've also contemplated a DNS-based protection like OpenDNS FamilyShield. I plan to disable Windows safemode, as well.
This isn't for anything employment related, and is by no means "mission critical" -- so I'm not too worried about locking it up with Knox-grade restrictions I'm just looking for some of the most common/likely holes that the average home user might use to get around restrictions.
As for locking down the user's ability to install programs -- if this could somehow be remotely unlocked on a per-instance basis (using Windows 7), that would be great. I imagine that, short of using a fully managed domain server, it's not feasible. And I'd rather not have to physically drop in on the machine each time something needed to be installed.
...On that note, however, I suppose that could be done as simply as through a VNC server/client. Duh.
VPN is always a restriction-bypassing threat, of course. How might one go about blocking VPN access, whether through the machine or at the router level?
I'm trying to lock down a machine from any lascivious "love-watching", but it's been a while since I've had any dealings with machine restrictions.
So far, I've installed K9 (by no means perfect, of course). I've also contemplated a DNS-based protection like OpenDNS FamilyShield. I plan to disable Windows safemode, as well.
This isn't for anything employment related, and is by no means "mission critical" -- so I'm not too worried about locking it up with Knox-grade restrictions I'm just looking for some of the most common/likely holes that the average home user might use to get around restrictions.
As for locking down the user's ability to install programs -- if this could somehow be remotely unlocked on a per-instance basis (using Windows 7), that would be great. I imagine that, short of using a fully managed domain server, it's not feasible. And I'd rather not have to physically drop in on the machine each time something needed to be installed.
...On that note, however, I suppose that could be done as simply as through a VNC server/client. Duh.
VPN is always a restriction-bypassing threat, of course. How might one go about blocking VPN access, whether through the machine or at the router level?