Windows 7 Want to block all game channels (minecraft, steam) from router - but want to keep internet access

Chewy

Well-Known Member
Ok. My son is grounded from the internet. He now "all of a sudden" has a project due that requires the internet. Surprise surprise. SO.... I want to allow internet access for "research", like Google or whatever. BUT - I don't want him sneaking in games, which I know he will.

Here's what I found:
https://support.steampowered.com/kb_article.php?ref=857...
That shows ports for STEAM, his favorite gaming site

Also:
http://bukkit.org/threads/what-port-does-minecraft-mult...
That's for Minecraft.

Here's my router setup:
http://www.BryanKollar.com/setup.jpg

What do I need to put in the PORTS field to ONLY allow internet access for browsing and not gaming?

THANKS!!

P.s. I need to be absolutely sure the answer is correct. If he's grounded, and I think he's locked out and he's not, that's not a good thing
smile.gif
THANK YOU!!!!!!!!!!!!!!!!!!!

My guess is port 81 through 65535?
 
Hi,
Don't know if this is accurate or not, but there are other ways of blocking him out of that Steam site or any other web site. You can go to his computer and login as an Administrator or Owner account if he doesn't have that. Go to IE and right-click on the Gear Icon, then go to the SECURITY TAB, click on the RESTRICTED SITES icon, and then the SITES button. In the "ADD SITES TO THIS ZONE" box, type in or Paste the Steam site url, such as http://store.steampowered.com/and simply click the ADD BUTTON to add the Steam site to the list of restricted websites list below.

This will effectively block him from the Steam site or any other gaming sites you wish to block him from. The issue here, is that kids today are smart, so if he has another browser program such as Chrome, Firefox, or Safari also installed on that computer, he will simply use another browser program to access his gaming sites. If he has none of these other browsers, you effectively have blocked him from any websites you don't want him to go to. Not quite as effective as the Router port blocking. If he does have some or all those other browsers, you'd have to duplicate the restricted sites list in each of those other browsers. That can be done but it takes some work, since each of those other browsers have the restricted sites settings in a different place.

Some other things you can try:
1) Install Parental Control software from Norton or McAfee if you are running those; the downloads are free, and they will block out an individual Windows User or all Windows Users on the computer he is using.
2) Download and Install either NetNanny or CyberPatrol parental control programs and enter the list of sites such as Steam into the restricted sites list, similar to doing it in IE as above. These programs, as the programs in #1 not only block him from sites you designate, but also provide a comprehensive log of every single site he visits using his account down to the second. Usage is recorded 24x7x365 UNTIL YOU TURN IT OFF. This is very usefuly to see if he's visiting other dangerous sites that you don't know about.
3) If you have another computer in your home, create a Limited User account with his name on it, such as "Jack". This will prevent him from installing ANY new programs or plug-ins or add-ons to Browsers (such as BHOs) which are used in just about all online gaming platforms. He can surf the web normally via Google or Yahoo!, but he will not be able to install any Games or anything like Chat programs.
4) If you insist on giving him ownership priveleges on his own computer or on yours, then you need to simply stand there over his shoulder the entire time he's using his computer or your computer to surf the web for homework. Some parents I know employ this method, and make their kids sit in the family room if they have a shared household computer, and watch them the entire time.

I never did this myself; being an IT guy, I did sneaky router port blocking as you are attempting to do, and installed various parental control software onto my son's computer with a limited Windows account. He couldn't install any programs without asking me, and I knew 100% everywhere he visited on the Internet!!

Other parents I know employ a more brute-force method. If their kid has a laptop and they've misused it; they simply take the laptop away from the kid and lock it up where they can't get it. If the kid has homework to do for school, they force the kid to use a shared home PC in a common area; not in their rooms behind a closed door where they cannot be constantly monitored; or employ Windows account security as I've already mentioned. Some parents when they do this, will tell the kid to go their local library as most have free Internet computer access for 1 hr per day. Another effective solution, as the libraries all have built-in parental control software. Of course if the kid in question in under 16 and can't yet drive, you the parent have to take and pickup kid to/from library. This isn't really convenient for the parents but works quite well.

So, I might suggest that you take a more active role in his banishment from Internet usage, and don't rely entirely on your router blocking or even parental control software. None of those are 100% effective. Like I said kids are smart. When I had my son blocked from gaming sites when he got his first laptop at about 15; he simply found a neighbor's open wifi connection and downloaded whatever he wanted onto the laptop.:eek: None of my safeguards prevented that one! Took me a couple of months to figure out how he did it. Don't underestimate your kid's ability to think outside the box.:noway:

Sorry, I didn't answer your Port question; but you can see that it still might not work 100%.

Best of luck,
<<<BIGBEARJEDI>>>
 
Thank you all.

Getting access to his desktop is not what we do here. He bought it with his own money, he's 17. We respect each other's personal property. There's no way I am going to take it away or log in to install anything. He bought it with his own money and installing something on it is just "not right" in my eyes. I wouldn't want him doing that to mine or my wife's. He's not grounded that often at all and was just a one-off thing and wanted to know how to do this in case it happens again. He he was 14 or under, yeah, I can see that happening, but not at age 17.

Thanks!!
 
The question is, can you rule people, or can you only try to guide them? I believe the latter.
 
Due to the addictive nature of many video games, and the excessive time spent by employees and other children in general :)> the game sites must be blocked at the router. Due to dynamic DNS, and server automatic load balancing, gamesites change their IP address often, and the DNS record is updated with the new IP address. Most carriers update their DNS records every 15 minutes. We have Fortinet fabric security, and we can program the routers to periodically search the current DNS resolved IP address for the list of games, such as minecraft, realmofthemadgod, steam, kongregate and so forth. The routers then block that resolved name, not any one specific IP address.

The problem is at home, I don't know of a home class router that has the capability of interrogating DNS names and blocking those sites. If anybody knows of such a router, please post it. I used to have a dlink router that I believe had this capability, but it's long gone now. My current Moto router does not have this capability.

The other approach that you can take is when you get home from work, open a DOS box and ping your list of gamesites. Then update your router's block list accordingly. Kind of a pita, Or you can contact your carrier to see if they can provide a router with this option.
 
At most with a home router you can block ports and IP addresses, but that will take considerable effort to block them all, plus if the people you're trying to block are smart and have admin access they can install a VPN client, tor or a proxy to bypass these blocks. No what you want is a security gateway that has site categorization to block 'game' traffic as well as VPNs, proxies and tor.
 
If you have a unused computer that you may put an extra network-card in, you could block access to webservices by installing the FREE Sophos XG Firewall Home Edition at: Free Firewall - Home Edition | Sophos Firewall for Home

"Give your home network a much needed security boost. The Home Edition of the Sophos XG Firewall features full protection for your home network, including anti-malware, web security and URL filtering, application control, IPS, traffic shaping, VPN, reporting and monitoring, and much more.
  • Full protection for your home users and your home network
  • Integrated, hardened Linux operating system
  • Runs on Intel-compatible hardware"
Actually You would only need the BOLD functions… And you would get full control of everything that happends on your network..
Although I think this might be a bit to much perhaps..
 
Back
Top