Thanks to Dan for this guest post on internet filtering & access control. So many have asked us how we do this in our home that he heartily agreed to share with you how we handle technology in our home. He’ll be doing three posts starting with some terminology to kick things off.
Protecting Our Kids with Internet Filtering & Access Control on Any Device
Protecting our kids from negative influences may have been easier back when we were kids and our parents simply had to tell us not to hang out with the rough kids down the street. But today, parents may struggle with protecting their kids from the negative influences of technology, either from being too absorbed in online activities, such as Facebook and other online interactions, or coming across the many negative things available on the many dark corners of the web. Some of these challenges can come from the fact that often the kids know more about navigating the digital realm than parents do. The purpose of this article is to help regain some of that ground for parents, by teaching you the basics of how the Internet works, and how you can work to filter and control the information your children access on the Internet.
Ultimately this should be only one set of tools in your parenting toolbox. As our kids grow up and head out on their own they need to be equipped to make their own judgment calls and control their own usage, as the world exists without these protections, so kids needs to be able to manage those decisions on their own.
I have our home network setup to both restrict when our kids can get on the Internet, but also what they can reach while on it, for both the main school computers as well as their portable devices (tablets and handhelds). The information I am presenting here is by no means a definitive how-to manual on these issues, nor the only way to do this. It is just what I have found to work well for our home, and at little to no cost. This setup was driven by our desire to allow our kids to be able to use some of the their devices while preventing them from accessing the Internet when they should be sleeping. So, for example, they could use their Samsung Galaxy Player (an Android version of an iPod Touch) to listen to downloaded music but not surf the web. Or, to let them read a book on their tablet, but not be able to watch YouTube after a certain hour.
How Does Networking & the Internet Really Work?
Before we get into how I set this up, a quick introduction to how networking and the Internet work. Please don’t worry that this will be over your head as I will try to explain it in as simple as terms as I can. But, it is also important to not give up. If you want to be able to take back control over your home network, you will need to understand a few basics.
What’s an IP Address?
The first is to understand what number your home is assigned. Computers use numbers called IP addresses to talk to one another, similar to the function a phone number plays. When you want to call someone, you dial their phone number, and the phone system locates the phone for that number and rings it. It is the same thing for computers, so your router calls up the ISP and asks what IP address you house has been assigned. IP addresses consist of 4 numbers between 0 and 255, separated by periods (18.104.22.168 for example). IP addresses are the numbers that all computers on networks use to talk to one another, and an important thing for them is that no two computers on the Internet have the same number. It would be like having two different people around the world having the same exact phone number. When you called that number, which phone should ring? That wouldn’t work too well so your ISP assigns a specific IP address to your router when you connect to it and this is the number that any other computer in the world uses to call your house on the Internet. If you are curious what your IP address is you can go to www.whatismyip.com and the web page will tell you.
Now, the assignment of this IP address is not permanent. Your ISP may need to change the number assigned to your home occasionally and it does that automatically. Your router handles that change just fine and you don’t even notice, but understand that is does occasionally change. This is referred to as a dynamic IP address instead of a static IP address. Most networks are setup with dynamic addresses, which change over time. This can make some of our work a bit harder but it is the reality of how modern networks are run.
Your router also has to be able to talk to all of the devices inside your house so it needs to give them numbers as well, similar to the extension numbers the 5 phones in our Blog, She Wrote headquarters need. So, the router assigns all devices that connect to it IP addresses as well but these are different than the ones used by the rest of the world. There are a limit to the number of IP addresses available to the whole world (approximately 4.3 billion, but there are a LOT of things connected to the Internet these days), so your ISP only gives you one of them (similar to the phone number of our Blog, She Wrote HQ – 607-555-1234). So, your router assigns special internal phone numbers to all of the devices at your house that are only used by the device and the router. At the Blog, She Wrote HQ these would be the extension numbers of the 5 internal phones (ext. 1, ext. 2, etc.), except in this case, only the receptionist (router) and the other internal phones (laptop, iPad, etc.) know these numbers. Everyone else in the world calls the receptionist (router) who relays the call to that phone (computer). The internal addresses are formatted the exact same way as the external addresses (###.###.###.###) but they are usually in a special range of numbers set aside for this purpose.
These ranges are:
- 10.0.0.0 – 10.255.255.255
- 172.16.0.0 – 172.31.255.255
- 192.168.0.0 – 192.168.255.255
with the first and last ones being the most common for home networks. Again, remember even these internal addresses are dynamic, and change over time. So, if your son’s iPad is assigned to number 192.168.1.120 today, that might not be the case tomorrow. But don’t worry, your router keeps it all straight for you.
MAC Addresses & Your Router
To help it keep things straight, your devices talk to your router (and vice versa) using numbers that do not change. These numbers are called MAC addresses. These look very different than IP addresses as they are a set of 6 hexadecimal numbers, and look a bit like this: 00:1E:A8:4E:8B:32. Hexadecimal is a special way of counting to 16 by adding in the letters A-F in addition to our numerals 0-9. You don’t need to worry about those details, but when you need to locate the MAC address you will know what it looks like. These addresses are also unique for each device in the world (there are over 200 trillion possible MAC addresses) and are hard coded into the device. If you have a laptop with two ways to connect to the Internet (Wi-Fi and a jack you can plug a cable into) then it will have two unique MAC addresses, one for each.
So, when you first turn on your laptop, the laptop calls the router using it’s MAC address and requests an internal IP address. The router issues it one and then uses that IP address to talk to it after that. When the laptop wants to reach the Web, it sends the request to the router, who dials out to the rest of the Internet for it, and then sends the web page to it when it arrives, all within the blink of an eye! So, this is a bit like the Blog, She Wrote HQ receptionist both receiving and making calls for us. We cannot direct dial out to the world, but we have to request that they do it for us.
Your router may not look like this, but it still has a very important job!
This makes the receptionist a very powerful person in the office, as nothing happens without their assistance. If we make friends with our receptionist (your router in this case), we can get a lot of control on the comings and goings on our phone system.
How Does a Computer Know Which IP Address to Call When You Dial Out to the World?
One last topic to cover is how the computers know what IP addresses to call when you dial out to the world. All computers, even websites, are only reached by IP addresses, those 4 numbers separated by periods. When you want to reach your favorite blog, www.blogshewrote.org, what number does the computer dial? If you recall, most IP addresses are dynamic, changing over time, even ones for websites like Blog, She Wrote. To account for that, the Internet has the Domain Name System (DNS). Whenever a computer is assigned an IP address, either your router being assigned an external one by your ISP or your iPad being assigned an internal one by your router, it is also told what DNS server to call to look up addresses. So, when you tell your tablet to go to www.blogshewrote.org, your tablet calls up the DNS server by number, requests the number for www.blogshewrote.org, and the DNS server looks up the IP address in a directory that is constantly updated. So, going back to our analogy, this would be like someone at Blog, She Wrote HQ wanting to call some other company, but the phone numbers are always changing. So, you get told what number to call for directory assistance, and before you make each call, you call directory assistance to get the phone number for today.
So, to recap, your very important router (receptionist) stands between all of your computers (phones) and the Internet (rest of the phone system). It first talks to the computers (phones) using MAC addresses until it can assign them internal IP addresses (phone extensions). It receives from your ISP an external IP address (phone number) that the rest of the world can use to reach your computers (phones). All of the IP addresses (phone numbers and extensions) can change over time, so whenever you connect to something on the Internet (make a call), your computer needs to call a DNS server (directory assistance or the operator), and request the current IP address (phone number) of the website (person you are trying to call).
In the next post we will go over how we can leverage the power of the router and the DNS servers to help control the comings and goings to the Internet.