Compact Guide To Child Protection Online

Compact Guide to Child Protection Online – The Essential Strategies
Compact Guide to Child Protection Online
The Essential Strategies
David Teisseire, CISSP
Second Edition Revision 2.2
Page 1 of 71 Edition 2 Rev 2.2

 Copyright David Teisseire, CISSP 2002 - 2003
The right of David Teisseire, CISSP to be identified as the Author of the Work has been
asserted by him in accordance with the Copyright, Designs and Patents Act 1988.

Table of Contents
PREFACE – A PERSONAL NOTE TO THE READER...........................................................................7
INTRODUCTION..........................................................................................................................................9
HOW THIS BOOK CAME INTO BEING......................................................................................................................9
WHO SHOULD READ THIS BOOK?.........................................................................................................................9
HOW THIS BOOK IS STRUCTURED.......................................................................................................................10
PART 1 – THE HUMAN FACTORS.........................................................................................................11
TOPIC 1 – RELATIONSHIPS...............................................................................................................................11
Threat....................................................................................................................................................11
Mitigation.............................................................................................................................................11
TOPIC 2 – LOCATION OF INTERNET ACCESS.......................................................................................................12
Threat....................................................................................................................................................12
Mitigation 1..........................................................................................................................................12
Mitigation 2..........................................................................................................................................13
TOPIC 3 - PARENT AND CHILD CONTRACTS.......................................................................................................13
Threat....................................................................................................................................................13
Mitigation 1..........................................................................................................................................14
Mitigation 2..........................................................................................................................................14
PART 2 – INTERACTIVE SERVICES.....................................................................................................16
TOPIC 4 - CHAT ROOMS..................................................................................................................................16
What are they........................................................................................................................................16
Threat....................................................................................................................................................17
Mitigation 1..........................................................................................................................................17
Mitigation 2..........................................................................................................................................18
Mitigation 3..........................................................................................................................................18
Mitigation 4..........................................................................................................................................19
Mitigation 5..........................................................................................................................................20
TOPIC 5 - VOICE CHAT...................................................................................................................................20
What is it...............................................................................................................................................20
Threat....................................................................................................................................................21
Mitigation 1..........................................................................................................................................21
TOPIC 6 - WEBCAMS......................................................................................................................................21
What are they........................................................................................................................................21
Threats..................................................................................................................................................22
Mitigation 1..........................................................................................................................................22
Mitigation 2..........................................................................................................................................22
TOPIC 7 - INSTANT MESSAGING.......................................................................................................................23
What is it...............................................................................................................................................23
Threat....................................................................................................................................................23
Mitigation 1..........................................................................................................................................23
Mitigation 2..........................................................................................................................................24
PART 3 – DELIVERED SERVICES..........................................................................................................25
TOPIC 8 - WORLD WIDE WEB........................................................................................................................25
What is it...............................................................................................................................................25
Threat....................................................................................................................................................25
Mitigation 1..........................................................................................................................................25
Mitigation 2..........................................................................................................................................25
Mitigation 3.........................................................................................................................................26
TOPIC 9 - SEARCH ENGINES............................................................................................................................27
What are they........................................................................................................................................27

Threat....................................................................................................................................................28
Mitigation 1 .........................................................................................................................................28
Mitigation 2..........................................................................................................................................28
TOPIC 10 - USER PROFILES..............................................................................................................................31
What they are........................................................................................................................................31
Threat....................................................................................................................................................31
Mitigation 1..........................................................................................................................................31
TOPIC 11 - EMAIL..........................................................................................................................................32
What is it...............................................................................................................................................32
Threats..................................................................................................................................................32
Threat 1.................................................................................................................................................33
Threat 2.................................................................................................................................................33
Threat 3.................................................................................................................................................34
Mitigation1...........................................................................................................................................35
Mitigation 2..........................................................................................................................................36
Mitigation 3..........................................................................................................................................36
TOPIC 12 - CLUBS AND GROUPS.......................................................................................................................37
What are they........................................................................................................................................37
Threats..................................................................................................................................................37
Mitigation 1..........................................................................................................................................38
TOPIC 13 - IMAGES........................................................................................................................................38
What are they........................................................................................................................................38
Threat....................................................................................................................................................39
Mitigation.............................................................................................................................................39
TOPIC 14 - LITERATURE..................................................................................................................................40
What is it...............................................................................................................................................40
Threat....................................................................................................................................................40
Mitigation.............................................................................................................................................40
TOPIC 15 - PEER TO PEER SERVICES.................................................................................................................41
What are they........................................................................................................................................41
Threats..................................................................................................................................................41
Mitigation ...........................................................................................................................................41
TOPIC 16 - MP3 MUSIC................................................................................................................................42
What is it...............................................................................................................................................42
Threat....................................................................................................................................................42
Mitigation.............................................................................................................................................42
TOPIC 17 - VIDEO..........................................................................................................................................42
What is it...............................................................................................................................................42
Threat....................................................................................................................................................43
Mitigation.............................................................................................................................................43
TOPIC 18 - EZINES.........................................................................................................................................43
What are they........................................................................................................................................43
Threat 1.................................................................................................................................................44
Threat 2.................................................................................................................................................44
TOPIC 19 - USENET........................................................................................................................................45
What is it...............................................................................................................................................45
Threat....................................................................................................................................................46
Mitigation.............................................................................................................................................47
PART 4 – SAFE ALTERNATIVES............................................................................................................48
TOPIC 20 - SAFE WEB BROWSERS...................................................................................................................48
What are they........................................................................................................................................48
The Family Browser.............................................................................................................................48
TOPIC 21 - FIREWALLS AND FILTERING.............................................................................................................48
What are they........................................................................................................................................48
We-blocker ...........................................................................................................................................49

Zone Alarm...........................................................................................................................................49
TOPIC 22 - SAFE CHAT ROOMS.......................................................................................................................49
What are they........................................................................................................................................49
TOPIC 23 - SAFE SITES...................................................................................................................................49
What they are........................................................................................................................................49
TOPIC 24 - SAFE SEARCH ENGINES..................................................................................................................50
What they are........................................................................................................................................50
Yahooligans..........................................................................................................................................50
AskJeeves for Kids................................................................................................................................51
Family Friendly Search........................................................................................................................52
SurfSafely..............................................................................................................................................53
TOPIC 25 - SAFE PORTALS..............................................................................................................................54
What are they........................................................................................................................................54
Kids.Net.Au ..........................................................................................................................................54
Blackstump............................................................................................................................................54
Beritsbest..............................................................................................................................................56
SurfSafely..............................................................................................................................................56
CyberGuide...........................................................................................................................................57
PART 5 - SPECIFIC THREATS................................................................................................................58
TOPIC 26 - SCHOOL WEB SITES......................................................................................................................58
What it is...............................................................................................................................................58
Threat....................................................................................................................................................58
Mitigation 1..........................................................................................................................................58
Mitigation 2..........................................................................................................................................59
Mitigation 3..........................................................................................................................................59
TOPIC 27 - PERSONAL WEB PAGES..................................................................................................................59
What are they........................................................................................................................................59
Threat....................................................................................................................................................59
Mitigation 1..........................................................................................................................................60
Mitigation 2..........................................................................................................................................60
Mitigation 3..........................................................................................................................................61
TOPIC 28 - CYBERBULLIES..............................................................................................................................61
What are they........................................................................................................................................61
Threat....................................................................................................................................................61
Mitigation 1..........................................................................................................................................62
TOPIC 29 – CYBERSTALKING...........................................................................................................................63
What is it...............................................................................................................................................63
Threat....................................................................................................................................................63
Mitigation 1..........................................................................................................................................64
Mitigation 2..........................................................................................................................................64
TOPIC 30 - HACKERS AND CRACKERS................................................................................................................65
What are they........................................................................................................................................65
Threat....................................................................................................................................................65
Mitigation 1..........................................................................................................................................66
TOPIC 31 - PAEDOPHILES................................................................................................................................66
Who are they.........................................................................................................................................66
Threat....................................................................................................................................................67
Child profile..........................................................................................................................................67
Signs 1 – Home Attitudes......................................................................................................................68
Signs 2 – Lifestyle Changes..................................................................................................................68
Signs 3 – Accounting Signs...................................................................................................................68
Signs 4 – The Rest.................................................................................................................................69
Mitigation.............................................................................................................................................69
CLOSING THOUGHTS..............................................................................................................................70

APPENDIX A – AUTHOR BIO..................................................................................................................71

Preface – A Personal Note to the Reader
A significant portion of this version of this book was written while having coffee at the
somewhat idyllic surroundings overlooking the hills from my local McDonalds, Golden
Grove, South Australia. Apart from the relative peace during the week, (if a McDonalds
can ever be truly peaceful), there was a certain family centric ambience
It was this family atmosphere, I believed, that enabled me in part, to focus on the nature
of what I was attempting to achieve both in this book and the other Internet security
initiatives I am involved in. I considered that the familiness of McDonald’s was a good
foil to the blackness of the Internet areas I was working in. Besides I enjoy drinking
coffee there.
It was a weekend morning about 10.30 am and I had taken the opportunity to do a little
work on this book while my son enjoyed the chance to play at Macca’s. While wrestling
with creating an effective mitigation for a particularly offensive threat, I looked out at the
playground as I periodically do, to check on my son. This time however, I was struck by
immense dis-proportionness of the whole matter.
Little children against the might of adults, who, in concert, have conspired to corrupt,
spoil and exploit the innocents. It was that 5-year-old boy climbing on the play
equipment; it was that 8-year-old girl in the midst of her birthday party opening all her
presents; it was that one-year-old struggling to walk in a straight line.
It was a noisy, whirl of activity, the sliding down the slippery dip and the running around
that caught my eye. I looked back at my laptop screen and re-read the threat that I was
working on. I looked back at the children.
It was these children; that girl, that boy, that baby that I was trying to protect. Up until
that moment I had known what I was doing. As an Information and Internet Security
Professional, I knew that I had both the opportunity and the obligation to protect children
from those who would exploit them. But it had always been from the perspective of
stopping or catching the bad guys.
Taking this perspective enabled me to be professional, objective, without bias. Those are
admirable qualities to strive for, but it does blind you to the human, the emotive, and the
full impact of the tragedy.
Right now I see it from the other side far more clearly than I had before. It’s not only
about stopping the black hats, but just as much about protecting the pink dresses and the
blue jeans and tee shirts.
I know well the face of the enemy, that multi tentacle black monster that prowls the
digital highways looking for victims that it may feed its perversions or drive its lust for
money. Today I met the other side.
I had always know that what was being done to our children was wrong, immoral,
unethical, unscrupulous and criminal. Today I discovered that what many parents are
doing by lack of action is also wrong, immoral, unethical, unscrupulous and criminal.
Harsh words to be sure, but I challenge every reader to go to their Macdonald’s, read the
threats then look at the children playing and ask if we are doing enough to protect not
only our children but all children.
David Teisseire, CISSP
July 2003
Introduction
Every author is acutely aware that the acceptance of his or her book is often determined
by what is written in this, the introduction of the book. Accordingly, authors tend to ramp
up their work, to promise all sorts of benefits and generally try to portray themselves as
the world’s greatest expert in the subject.
In a sense this is reasonable, as the author has to convince the prospective reader that
their time and expense will be worth while. I believe that it is the content and the effects
of that content that are paramount. It is the message and not the messenger that is
important here.
It is, however, reasonable that you the reader know what my qualifications to write on
this subject are, to know by what authority I write, to be able to evaluate if I have both
the knowledge and the experience to advise through this book. I have for this specific
purpose included a brief biography of myself at the very end of this book. This is purely
for those who want to know who the heck this guy is.
How this book came into being
This book started out as a course manual for attendees of the “Child Protection Online –
The Essential Strategies” series of lectures for parents, teachers and caregivers. Many
attendees expressed that they did not know how to specifically implement the strategies
presented in the course. From those beginnings it became apparent that there was a need
for an easy to understand, step by step solution manual for common child protection
issues. By definition the book had to address specific issues and enable the reader to
implement a specific mitigation within minutes. This then is my answer to those needs.
Who should read this book?
Within the computer security field there is a wealth of books and online material. The
problem with almost all of it is, that it is targeted toward the security professional or at
the very least the savvy computer and Internet user.
This book is different in that it specifically addresses the problems and threats faced by
parents, teachers and caregivers in the protection of children while using the Internet.
This book assumes nothing other than that the reader is able to use a computer and to be
able to log on and access the Internet. I have attempted to keep jargon to an absolute
minimum. The mitigations are described in such a way as to enable a parent to implement
the solution in a few minutes.
Since fear is probably the biggest hindrance to timid users, this book is heavy on how to
do it, rather than explaining the theory behind the action.
How this book is structured
This book is divided into a number of parts. Each part deals with a specific area of child
protection on the Internet. Within each part are a number of topics, each addressing a
specific aspect of that part. Finally within each topic there are a number of sections. Each
section addresses a specific issue, an answer to a problem.
Each section begins with a brief statement of the threat and in some cases where it is not
obvious, the reason that it poses a danger to children. Following the threat description is
the mitigation strategy to protect the child from that threat.
Each specific threat and mitigation can generally be read and acted on within 10 minutes.
If you perceive a threat then you could turn to this book look it up and dispatch the matter
in minutes. No studying, no theory and no need to wade through heavy specialist
manuals.
Part 1 – The Human Factors
This first part of the book concentrates on what is perhaps the most critical facet of the
child protection strategy. It is that part that relates to things that we can do even before
we turn on the computer. Because of this, it is also of value to those who are
contemplating the purchase of an Internet able computer and sets out some basic
guidelines for both parents and children.
Topic 1 – Relationships
Threat
The Internet continues the general pattern that began to develop decades ago. That pattern
is of course that our children are relating to inanimate objects more than they relate to
other people and more specifically to us as their parents.
It began with television, then video games and now it is in its most attractive form, the
Internet.
The problem is that our children are becoming disenfranchised from their families. They
are becoming isolated from the family and insulated from the reality of life. This I
consider to be the greatest danger of the Internet and the root cause of much of what
happens to our children when they surf.
This issue of the effects of disenfranchisement will rise up time and time again
throughout this book, and for that I offer no apology.
Mitigation
In all most all my lectures and speeches, I stress that the single most effective strategy to
protect children from those who would exploit, is for parents to have an open relationship
with their children.
Your children need to not only know that you care for them and their welfare but also
that they can come to you and discuss any matter without you going ‘spare’ at them.
Your children need to know that if they receive or view anything that causes them
embarrassment, fear or confusion then they can freely show you what it was, without you
asking them accusingly “what did you do?”
Many parents have told me that they were not aware that a child could be exposed to say
pornography without actively seeking it out. They thought that if it appeared on the
screen then, it was because the child went to a porn site. Such is simply not the case.
Children can be exposed to inappropriate content from a variety of means and only one of
those means is the child seeking it out.
As a parent we have to adopt the position that any inappropriate content on the screen
may well be the result of factors outside the child’s power to prevent.
When your child presents you with something that is not suitable for them, concentrate
on the child not the content. Explore how it makes them feel and make it very clear that
you are not making a judgement about them nor your love or concern for them.
If we ensure that they feel safe coming to us regardless of what the issue is, then they will
be willing to come to us when it is no longer a matter of simple inappropriate content.
Maybe then they will be willing to come to us when they are targets of the more serious
issues of being stalked online or pursued by a paedophile.
Topic 2 – Location of Internet Access
Threat
There is a considerable trend for parents to place the computer along with the Internet
access within a child’s bedroom. The rationale is that since the child is using the Internet
to study, it needs to be in a quiet place away from distractions. The problem with this is
that while it is quiet and away from distractions, it is also away from other family
members.
As a result many children are lured into situations and Internet sites that they perhaps
would be unlikely to find themselves if the Internet was not located in the privacy of their
bedroom.
Mitigation 1
This is once again a matter of disenfranchisement from the rest of the family. The only
solution to this threat is to place the Internet access point in some common room of the
house. The two most popular are the lounge room and the kitchen/dining areas.
In considering this, you must look at the usage pattern of the child and your constraints
on the times that the child has access to the Internet. Younger children tend to do
homework and contact friends just after school and before tea. In this scenario, it is
wisdom for the parent to locate the Internet access in the kitchen/dining area of the house.
The parent is then able to loosely supervise the child while preparing the evening meal. I
will come back to this concept of loose supervision a bit later.
Where older children are concerned, they tend to access the Internet later in the evening
after the meal. For these children, it is more beneficial for the access point to be located
in the lounge or family room. This should be the room that the family congregates in
during the evening.
I should warn readers that teenagers are going to try and convince you that they cannot
study and do research with all the noise from the television and other family members. I
would like to make two observations regarding this. Firstly, everyone in my family uses
the Internet connection that is located in our family room and the noise of television and
others rarely hinders their work. Secondly, we all know both from our own youth and
observation of our children that they are able to study, read and now even surf the
Internet with loud music and disjointed sounds.
So which is better? It is primarily a function of where the parents can be close by for the
greater portion of the time that the child is online.
Mitigation 2
I really like this one. I call it the drive by. This mitigation is part of the loose supervision
that I mentioned above. Even though your child may be in the same room as you while
they are using the Internet, they are often looking at the back of your head as you watch
television or whatever. Although this is a vast improvement on the situation where the
child is closeted in a bedroom, it still has the potential to be improved.
In this mitigation the parent occasionally and I stress the infrequency of this, gets out of
their seat and wanders past the child while on line. As they pass, they stop and have a
brief look at what the child is doing, maybe offering some encouragement or if you are
computer literate enough offering to help them find something that may be eluding them.
For those not so literate you could ask them how they managed to find that particular site
or information. Show interest in what they are doing, what they are seeking to
accomplish, even if it is only chatting to friends on ICQ (an Internet messaging service
similar in some ways to mobile phone messaging).
The object of this mitigation is to firstly give you a feel for what they are involved in and
secondly to reaffirm that they are part of the family and not alone, even when online. This
concept is so critical that I have coined the phrase “Never Lost On Line” in the child
protection lectures.
Now I may be deluded, but I am partly convinced that the reason that commercial
television stations place so many adverts on is so that you, as a parent can get up and
wander over to your children. This is a significant cultural change, we used to use the ads
to make a coffee or get something to eat. Perhaps you could combine both activities, as
you wander out to the kitchen, drop by your child and keep them part of the family.
Topic 3 - Parent and Child Contracts
Threat
Unless we give our children guidelines then we cannot in all due conscience expect them
to obey those guidelines. This is stating the obvious, I know, but often those guidelines
are presented verbally and in many cases they are variable and dynamic. What do I mean
by this? Many parents will change the guidelines and the criteria from week to week or
even day to day. In such a case, the child is not completely sure what is acceptable in this
particular instance.
Without clear direction, clear verifiable direction the child is expected to make decisions
that may be well beyond their ability and maturity to do so.
Mitigation 1
The first approach is to create and use a parent and child contract. This contract has two
distinct parts. Firstly there is the child contract where the child agrees to undertake or
refrain from certain acts and actions. The second is a similar contract that the parent
agrees to, which specifies the parent’s rights and responsibilities to the child. Both the
child and the parent sign both contacts.
All parties then post these contracts near the computer and Internet access point for easy
reference.
In the past I have encouraged parents to create and use these contracts as a form of
written guidance for children as to what is acceptable and unacceptable while using the
Internet.
Various child protection web sites have model parent and child contracts. Try entering
‘Child Internet Contract’ into a search engine and select one that meets your needs.
Mitigation 2
Increasingly I am promoting this as a better alternative to Mitigation 1 above. This does

not suggest that the first mitigation is without value, but rather that it may lack the
personal, family centered feel of this mitigation.
This mitigation can be performed at any time and may even require review from time to
time. As a parent, call a family meeting. Now I know that not all families hold family
meetings or even feel comfortable with the concept so lets just lower the formality a bit
and get together with your children at some convenient time, maybe over the evening
meal. If you are thinking that there is no time that the family gets together then I would
seriously suggest that the disenfranchisement issue discussed above is critical in your
home and you may need to look at significant lifestyle changes.
When everyone is assembled and paying attention, begin by addressing the issue of
Internet use. Explain that the Internet is a finite resource and you wish to maximise
everyone’s enjoyment. Encourage your children to discuss when they want access. From
this explore the issue of what is considered reasonable use and content. Once again get
their input.
Because of the nature of this review, don’t expect to get it all down at one sitting. Work
on it systematically. Over a period of time collect input that will ultimately become the
family policy on Internet use.
The issue of age appropriateness should be addressed at this point. Younger children will
not be able to express themselves to the same extent as teenagers, but incorporate their
input as well, even to the extend of including the odd silly suggestion. Will it really make
all that much difference if the home page is www.disney.go and not
www.ninemsn.com.au? Younger children will see such compromise as an indication that
their input does matter.
One final point, you may find value in allocating the final draft of the family policy to a
teenage child. Such an action will give them a sense of belonging to the policy and in a
very real way they will own it and its rights and constraints.
The family policy when finalised should be explained to all parties and a copy posted
near the Internet computer.
Part 2 – Interactive Services
I my lectures, I have addressed the issues and threats presented by the delivered services
of the Internet, then moved on to the Interactive service. In a lecture environment, this is
a natural progression. In this book however I want to address these issues in reverse as I
consider the Interactive threats to be of more significance than the delivered threats.
Firstly what are interactive services? An Interactive service is any Internet facility that
allows a user to communicate with another person or persons in real time. Consider the
interactive service to be like the telephone where both parties can conduct a real time
conversation. In contrast, delivered services are those that do not have a live person on
the other end conducting a two-way conversation or interaction.
Topic 4 - Chat rooms
What are they
Chat rooms are locations within the Internet that allow a number of individuals, usually
up to 40 per room, to congregate and chat via their keyboard onto a common screen. Chat
allows many people to conduct conversations within the room at the same time. Small
groups will conduct their own thread, or conversation stream within the chat room.
Chat rooms are often chaotic, confusing and ever changing. The people who use chat
rooms are often opinionated, out spoken and sometimes rather territorial. But for all this
chat rooms let people meet and talk about things of mutual interest.
Below is a screen capture of a chat room for teenagers called ‘teentalk1’ hosted by
ninemsn at www.ninemsn.com.au.
TIP:
IF YOU DECIDE TO LOG ONTO A CHILD OR UNDER AGE CHAT ROOM, CONTACT THE MODERATOR IF
PRESENT AND ADVISE THEM THAT YOU ARE AN ADULT AND THE PURPOSE OF YOUR PRESENCE. IT MAY BE
THAT YOU ARE SURVEYING A CHAT ROOM TO CHECK ITS SUITABILITY FOR YOUR CHILD.
Threat
Chat rooms are great places for friends to meet and ‘chew the fat’, to hang out, or to keep
up with the gos (gossip). It’s like a big room with everyone milling around and everyone
talking at once. The only difference is that everyone can see everyone else’s conversation
on the chat room screen.
The problem with chat rooms is they are notorious hangouts for individuals that would
impersonate, lie and exploit others. In this regard our children are particularly at risk.
Paedophiles or ‘rock spiders’ hang around child chat rooms and attempt to make contact
with and groom our children. They pretend to be children with similar likes and
problems. They make contact then try to befriend them with the ultimate goal of
arranging a real life meeting with the child. Often they will lurk in the chat room not
participating but gathering information about various potential targets.
Mitigation 1
Teach your children that unless they know the person in real life, that is, they have met
them and know them, then they are a stranger. It is paradoxical that just about everyone
on the Internet is a stranger and in many ways this is one of the lures, the ability to meet
new people. For our children, we have to educate them that not everyone online is who
they say they are. A 13-year-old boy may in fact be a 40-year-old man. Just because they
say they are someone or something it doesn’t make it necessarily true.
Teach your children to take every thing with a grain of salt. Depending on their age, teach
older children how to look for inconsistencies in what people say in a chat room. Do they
claim to be one thing at the start of the chat, then as time goes on do they change it to
something else? These changes in their details and interests are driven by the need to
update their appeal based on information provided by the child. This is perhaps the
biggest tell tale, the subtle and some times not so subtle changes in the other persons
story.
Mitigation 2
Teach your children that under no circumstances are they to meet someone they have
chatted with in person without a parent being present. Explain that this is for their
protection and not because you want to interfere in their friendships.
Allied to this mitigation is that children should be taught to never give out any personal
information that may allow a person online to accurately identify them, where they live
or go to school. In the past there have been a number of instances where a child has made
a seemingly harmless comment that has led an exploiter directly to them with unfortunate
results.
Mitigation 3
Always ensure that your child is chatting in a moderated room. There are three types of
chat room. The first is totally un-moderated, the room exists and people can join and
leave the chat as they desire. There is no facility to monitor what is said in the chat room
nor who takes part in the chat session.
The second form is where there is a software bot or robot. This software is configured to
intercept banned words and actions and may take the action of logging an offender off of
the chat room. One of the problems with bots is that they are easy to circumvent and a
logged off user is able to log back on under a different name.
EXAMPLE:
IF YOU LOOK BACK AT THE SCREEN DUMP OF THE TEENTALK1 CHAT, YOU WILL SEE THAT THE
MODERATOR HAS LOGGED OFF MORTALBIGBADBRAD FOR INAAPROPRIATE LANGUAGE . IN THIS CASE
THE USE OF THE WORD ASS IN A G-RATED ROOM.
IN THIS INSTANCE THE MODERATOR IS MOST PROBABLY SOFTWARE PROGAM OR A BOT.
The third type is the moderated room and this is the type that you should try to ensure
that your children use. Basically one or more real live people run the chat room and
monitor the traffic. They look for not only inappropriate word and actions but also keep
an eye out for potential child exploiters. I realise that this is not always possible for all
age groups, but always insist on a live moderator for younger children. Although not
perfect, these rooms do provide a higher level of safety for your children.
As a side issue, quite a number of child chat rooms in addition to having moderators and
restricted opening times also prevent the use of private messaging between the chat
members in the room. I will discuss the issue of private messages later in the book.
Before your child becomes a regular user of a chat room, log on and look for, or ask in
the chat for the moderator/s to identify themselves. You may request that they allow a
private message with you. They may or may not allow this. If they do, identify yourself
as an adult and a parent and state that you are surveying the room to determine its
suitability for your child. Never pretend to be a child in one of these rooms as you may
find yourself being treated as a potential child exploiter.
An alternative is to allow the child to log on then identify yourself as their parent and
follow the same procedure with the moderator/s. The disadvantage of this approach is
that your child may be embarrassed within the room by having a parent come up in the
chat. Be sensitive.
Mitigation 4
All chat rooms require that any user have a unique screen name. This enables other users
to identify who sent each message. Some chat rooms provide for ad hoc screen name
generation, that is, the user either creates the name or the chat room creates it
automatically. A name generated this way is only valid for that chat session.
Other chat rooms, ninemsn (www.ninemsn.com.au)or yahoo (www.yahoo.com) for

instance require that the user have a registered name and often a profile of themselves as
well. Regardless of which method is used, you should encourage your child to use an
obscure screen name. All too often I see screen names such as Melanie14Melbourne or
Steve12. If you look back at the screen dump of the teentalk1 chat room, you will see the
screen name Mellie_Mel17. Such a name is a give away of the sex and age of your child.
Remember there may be individuals in the chat room posing as a child seeking a child of
that sex and age. Why give them a starting advantage in profiling your child. Although
the presence of your child in a teenage or junior primary chat room indicates that they are
a child, an obscure name gives no additional information away.
We would do well to mimic the practice of the computer hackers and crackers and
encourage our children to use non-specific and often radical type screen names.
Something like say Blade101 or zoot1a. Even better is a totally unassociated name such
as e34f7. The problem of the child remembering or even accepting such an obscure name
may have to be addressed. In the final analysis, ensure that any name chosen does not
reveal any information that may aid a profiling effort.
Mitigation 5
This may or may not be possible, but is included here for completeness. If it is at all
possible arrange for all chat sessions to have the transcript recorded to file. The reasoning
behind this is that a transcript may be useful for law enforcement officers if an
exploitation situation arises. Beyond this, a copy of the chat sessions may, provided you
do not invade your child’s privacy, provide you with both a feel for who your child is
chatting to and may alert your to inconsistencies by specific individuals.
I am not suggesting here that you spy on your children. Teenagers are particularly
sensitive to the issue of their privacy and what they say. It is paradoxical that they will
chat in an open chat room where everyone can see what they type but parents are often
considered invasive if the view the chat text. This is not so much an issue for younger
children who on the whole expect their parents to read their mail and messages.
My personal position on this is to tell your child, particularly a teenager, that the chat text
is recorded and filed by the computer, but you will not read that text unless one of two
circumstances evolve. Firstly is if they come to you and express concern as to the
direction that a chat has taken and they ask for your opinion. The second circumstance is
if they are placed in a position of danger or are missing. In such case advise them that the
transcripts will be used to ensure their safety.
Perhaps you could agree with them that the chat transcripts would be held in escrow for
say 2 weeks after which they are deleted unless a need to review arises.
As a side note, e-forensics experts will find it simpler and much faster to read back a
transcript log rather than having to wade through the entire computer looking for
fragments of the session that has been left behind. Help these people by filing the
transcripts before the event.
One final stance that you may be able to take with your child on this issue of saved texts
is that really there is nothing they have to say to each other in a chat room that even
remotely interests you. Really do our kids think our lives are so dull that we seek the
thrill of reading about the “Atomic Kittens” or the latest “Charmed” episode.
For those interested in exploring this there are a number of commercial software
applications that can perform this task.
Topic 5 - Voice Chat
What is it
Voice chat is an extension of the general chat facility offered by many chat servers on the
Internet. Basically it allows one or more people to communicate via voice rather than
having to use the keyboard. Not all the parties to a voice chat session need to be able to
use voice. Many times one will use voice and the other parties will respond through the
keyboard.
Threat
The main threat with voice chat is that it is an extension of the threats posed by chat
rooms. The only additional factor is that one or more of the parties are using their voice
to communicate. Allied to this, it is considerably more difficult to monitor and save the
contents of a voice chat session, so what ever is said is most often lost.
Consider also that a voice chat is more open, more freewheeling. Statements are made
without having to really think about them. Rashness may set in. Personal details are
easier for a profiler to extract.
Mitigation 1
There are very few things that you can do to mitigate against voice chat. Apart from
banning its use, an act that will undermine the relationship factors above and have your
child consider you unreasonable and draconian.
One potential approach is to ensure that the child does not use a full head set. If they wish
to use voice chat then the incoming voice should be received on a speaker and not a
headset. The advantage of this is that if the content of the chat could be seen as
inappropriate by you the parent, then they would be keen that it is not overheard.
The child may claim that they cant hear the voice over the other activity noise of the
family in the room and as such they should be allowed to use head phones. As hard as I
look at this, it is a very valid argument with no real solution. In this case we must accept
that we will not be able to hear what is being said to them, we will however be able to
hear what they say back if they are using voice.
We should be aware of what they are saying, not necessarily listening but being aware of
a dramatically lowering of their voice or them giving out personal details. Every parent in
the world is able to pick up the name of their child being said even in noisy
circumstances.
Topic 6 - Webcams
What are they
Webcams are camera devices that allow individuals to send pictures of them selves in
real time or live if you prefer that term. Think on them as low-resolution video cameras
that are able to transmit the images to other users on the Internet. Webcams are usually
mounted on the computer screen and aimed at the face of the person using the computer.
In this regard it is a type of videophone application.
I mentioned that they are generally mounted on the computer screen, but this is not
always the case. I have seen images that have been transmitted from many and varied
places including one mounted under the computer desk. I leave it to the reader to
determine what was transmitted. Other locations are in corners of rooms and hidden
webcams. Numerous sites transmit Webcam images to the Internet at large. These images
can be received by anyone with suitable software. These later forms seem to cater for our
current voyeuristic interest in reality television.
Threats
Webcams are often used in chat rooms as another form of chat facility. In this
environment they are prone to the same threats that plague chat and voice chat services.
Chat rooms are not however, the only place that your children may come in contact with
Webcams.
To put this is perspective, it is not the reception of images that is the threat but rather the
potential content of those images. Because there is no way of filtering the content of
images and the immediacy of those images. Your child could be looking at a harmless
image at one moment and exposed to inappropriate and in some cases very inappropriate
images the next.
Within the context of the chat room, there seems to be a high incidence of chatters
sexually exposing them self on Webcam. Fortunately this type of behaviour seems to be
limited to the more open type of chat rooms and I have not personally seen any evidence
of this in children’s chat rooms.
Mitigation 1
The first level of mitigation is to not permit your children to use webcam. The easiest
way of course is to not have one connected to the computer. In this regard we should
consider the value and worth of this technology for our self and our families.
I personally know quite a number of people that have webcam facilities and yet most do
not use them to any great extent. I have a webcam for my laptop, but use it only in the
context of lectures to demonstrate the technology. I really see very little constructive
value in these items.
I guess that a case could be put up for using it as a sort of video phone, but do we really
want to broadcast our life and images throughout the Internet.
What am I saying here? Basically unless you have a specific need for webcam
technology, just don’t buy or install one.
Mitigation 2
The first mitigation covers the transmitting of webcam images from your computer. This
mitigation covers the receiving of those images from others. Firstly you should be aware
that you do not need a webcam to receive webcam images from other sources. In this
regard webcam images are just like any other Internet resource, that is: they can be
broadcast.
One positive aspect of this is that not all webcam broadcasts are able to be received by all
Internet connected computers. Specifically some require additional software. Where
specific software is required to receive Webcam images, the simple solution is not to
install the viewer software. This will prevent sites that need this type of software from
transmitting to your computer.
Topic 7 - Instant Messaging
What is it
Instant messaging is a service that allows two individuals to type messages to each other
in real time in an environment that is exclusively reserved for those two parties. Instant
messaging is available in two forms. The first is the dedicated instant messaging service
such as ICQ (often taken to mean I Seek You). The other form is available as an option on
many chat rooms. The second form functions as an enhancement where two persons
decide that they wish to carry on a private chat without the other people in the chat room
being able to see their messages.
Associated and closely integrated into the instant messaging services is the facility to
allow people to see the online status of people on what is called a buddy list. A buddy list
is a directory of individuals that a user creates to enable parties to chat. When someone
on a buddy list comes online other parties with him or her on their list are able to see that
they are available for chat.
Threat
One of the major issues for children in regard to Instant Messaging is that any
communication between parties is private, in as much as the content is not broadcast into
a common room as is the case of chat rooms.
The other significant threat is that if someone has placed your child on a buddy list then
that person is able to a certain degree, stalk the target individual. For a child there is a
very real threat that a child exploiter will place a child on their buddy list and then be able
to maintain contact with that child.
Mitigation 1
Parents should ensure that their children do not allow anyone that they do not know
personally to place them on their buddy list. Although many services require that the
target for the buddy list approve them being placed on a list, this is not always the case.
The application CheetaChat will for instance, allow any person to add any valid user to
their buddy list without requiring the target’s verification. What this means is that your
child could be on someone’s buddy list and tracking their presence on the Internet and
you may not even be aware of it.
Regardless of this, never allow children to let unknown people place them on their buddy
lists. In a similar vein, prohibit your children placing unknown parties on their buddy list,
as this may encourage your child to strike up a chat when they come on line.
Now we have to exhibit some discretion here. Children need to be able to find friends on
the Internet and Instant Messaging and buddy lists facilitate and encourage that
interaction.
Mitigation 2
The default configuration of many instant messaging services is to broadcast a person’s

availability when the user first goes online, regardless of whether they are using the
Instant Messaging service or not. The theory here, of course, is that the instant message
service believes that a person being online constitutes willingness to chat. This is clearly
not always the case. Many Instant Messaging applications have an invisible mode where
the presence of a person is hidden from the buddy lists. The application does not in this
case broadcast the person’s presence online.
Parents can stealth their children’s presence online by one of two means. Firstly they may
disable the IM application from loading at system startup. Because of the number of
Instant Messaging software applications, it is impossible to cover the various methods in
this guide. The other option is to configure the application to place the child in invisible
mode. Once again, differing applications handle this aspect differently. The best I can
suggest here is to look around the application and see if you can find where to set it to
invisible mode.
Part 3 – Delivered Services
Delivered services are Internet resources that can be sent to your computer without direct
human intervention or interaction at the server or other end. In this regard they are more
like a letter rather than a phone call.
Topic 8 - World Wide Web
What is it
The World Wide Web is often thought of as the Internet. It is the part of the Internet that
you access when using a web browser such as Internet Explorer, Netscape or Opera to
name a few.
The development of the World Wide Web has arguably been the driving force behind the
growth of the Internet. We should however be aware that the World Wide Web is only
one face of the Internet. When we use the Internet we often type in a Web address that
starts with www, this stands for World Wide Web.
Threat
The most obvious threat to children from the World Wide Web is the viewing of
inappropriate content. This encompasses not only pornography, but also any matter that is
likely to scare, offend or corrupt a child. This includes material such as hate sites,
persecution sites – political and religious, etc and of course pornography.
Mitigation 1
One of the best ways to protect your children from inappropriate content is to use a web
browser specifically designed for children as discussed in Part 4 below. The use of one of
these will significantly reduce the amount of offensive material arriving at your child’s
screen.
In regard to this, make sure that the default web browser such as Internet Explorer is
either removed, hidden or disabled when the child is using the Internet. Failure to do this
may find your child using that browser instead of the one you want them to.
Mitigation 2
For people that wish to standardise on say Internet explorer for all the family, then there
are configuration options to filter and block content in all the major packages. The
specifics of this configuration is outside the scope of this book, but you may find help at
the following sites
Internet explorer – www.microsoft.com
Netscape – www.netscape.com
Opera – www.opera.com
Sites generally exist for other browsers, but since most people use the three above, I will
leave it to the individual to find configuration info for their specific browser. You might
like to try www.(name of software).com.
Mitigation 3
Another effective strategy is to have a firewall placed between the Internet and your web
browser. Firewall may be a hardware device that plugs into the phone line or software
that runs on the computer connected to the Internet. In this book I will be talking about
the software type.
A firewall operates by comparing an incoming web page against a number of rules. These
rules may be the Internet address such as www.playboy.com or against a set of banned
words. If the web page has those banned words, then the page is blocked.
Lets look at the Internet address function first. There are two ways of configuring a
firewall. The first is to have a list of acceptable sites and block everything else not on that
list. The other is to allow all sites except those on the list. The first form is a white list,
the second a black list. A firewall may implement either or both types of list.
Lets look briefly at the effects of each type of list. If everything is blocked except what is
on the white list then your child may be missing access to valuable content and their
Internet experience is significantly constrained. The allowing of everything except what
is on the black list poses the problem of firstly updating the list regularly and secondly
being aware of which sites you should block.
Many commercial firewall packages have an update service that will add sites to a black
list, but there may be issues with timing, ease of update and lastly but very significantly
the criteria that a site is deemed black or white. Always remember that when you
subscribe to a service like this you are tacitly agreeing to the site’s policy and philosophy
on what is deemed acceptable or not. I only mention this to draw your attention to the
issue that filtering software vendors sometimes have their own agendas.
Looking at the black or blocked words list, this may seem an ideal solution. If an
inappropriate word appears in the text portion of a web page then the software will block
it. There are two issues to consider in this matter. Firstly certain words that may be used
in a legitimate site may cause the firewall to block that site. Let me give you an example.
A child is requested by their teacher to do a project on the cotton industry. Little Stevie is
not really interested in cotton farming as such, but he is interested in big machinery, so he
gets the idea of doing his project on the machines that harvest the cotton. When he
attempts to view the International Harvester site that portrays the machinery used, the
firewall blocks the site. In this instance (which occurred during trials of one package) the
site was blocked on the basis of the racist term “cotton picker”. A trivial example perhaps
but you can see how innocent sites may be blocked by the black list.
The second factor and I think more significant one, is that a black word list will only
filter text on the site and not graphics. Many sites have graphics, which have text content,
but this text is still a graphic image and will not be filtered by the firewall. This situation
was dramatically shown in the case where a person accidentally typed in
www.whitehouse.com when trying to reach the presidential Whitehouse in Washington,
(they should have used www.whitehouse.gov ). The black word filter list allowed this site
which is the home of Whitehouse, a soft pornography site to pass through because the
entire home page was a graphic.
Some firewalls do not perform this context or content function, but rather block external
attacks on your computer system. Firewalls of this nature include ZoneAlarm. In
circumstances such as these, you will have to install a secondary filtering package in
addition to the firewall. Once such software program is we-blocker, which was
recommended and included in the original lecture series as a particularly effective free
solution.
Topic 9 - Search Engines
What are they
Search engines are input screens located at various web addresses that allow a user to
type in a word or group of words and have the engine search for web pages that contain
information relating to those words.
The best known search engine is at google – www.google.com. The opening screen of
Google Australia is shown below. You are able to search for either all web sites or
confine your search to just Australian sites.
Threat
The main threat in regard to search engines is they in general do not have any conscience
in regard to both the search criteria that is submitted to them or the results that they
display. In saying this, a child who types in “sex” into a search engine, will have returned
probably millions of site addresses that relate to sex and pornography. It really is that
easy for your child to access porn.
Add to this that some sites place keywords that do not directly relate to their site in an
effort to fool search engines to list their site with other sites relating to the search. It is
possible then for a child to enter a harmless criterion and still be presented with links to
inappropriate content.
The final threat factor is the fact that certain words and phrases that are seemingly
harmless have alternative meanings and may generate inappropriate site listings. One
example would be a child seeking information on water skiing and entering the search
criteria of “water sports”. I almost guaranteed that the first page of links would include at
least one site that deals with urinary fetish, not an appropriate site for a child to
inadvertently link to.
Another example that I use in the lectures is the case where a child is looking for
information about the Walt Disney character Bambi. In quite a number of search engines
a site for the “Bambi Killers” (a dear hunting related site) is listed before the Disney site.
Mitigation 1
Firstly there are a number of search engines that cater solely for children. These engines
filter those sites that they reference to ensure that no inappropriate content is allowed
through. Parents should encourage children to use one of these child safe search engines
instead of the better-known engines. The disadvantage is that the amount of content
indexed by these kid’s engines is considerably less than the major engines, but that really
should not be an issue. For a list of some of the better known kids engines see the
sections on kid safe search engines and kid safe portals and directories in Part 4 below.
Mitigation 2
Most of the major search engines allow you to set what is termed the family filter to
block certain classes of content. Google for instance allows you to set the filtering
options by selecting preferences from the opening screen. This will bring up the
preferences screen. On this screen you are able to select the level of filtering as shown
below.
Once you have selected the filtering level then you must save them, by selecting the save
option at the base of the preference screen, as shown below.
The preferences are saved on your computer in what is termed a cookie. The significant
thing to remember here is that if you delete your cookies or have software that regularly
does that for you, then your preferences will be set back to the default next time you use
Google. In this case it is moderate filtering as shown in the image above.
Watch this one carefully as you may think you are protected when you are not.
Many other search engines offer the same type of filtering options. Altavista at
www.altavista.com for instance permits customisation via the settings option as shown
below.
On the next screen select to change the family filter settings, as shown below.
Another screen will be displayed that allows you to set the options. This screen is shown
below. Once again the settings are saved to a cookie on your computer when you select
the save option.
As stated, not all search engines provide this filtering facility. One such engine is
SearchBoss at www.searchboss.com as displayed below.
Topic 10 - User profiles
What they are
User profiles are records about you or your family members that are stored at some
services. User profiles are created by the individual concerned and contain information
that you expose in exchange for the right to use a specific Internet service or web site.
The level of detail and the truthfulness of that information is significantly under your
control. There are a number of mandatory information fields that you must fill in to be
able to register the profile, all other fields are optional.
Threat
Quite simply the threat here is divulging far too much personal information about
yourself and your family. There is a curious quirk in humans that makes us fill in all the
fields and answer all the questions if we think that we will be granted or given something
in return. It is in a way the price we think we have to pay for that service.
The problem is that the deal is lopsided. Your personal details are worth far more than
access to a web site or rights to view or use a service. On the Internet you are your
personal details.
Apart from the provision of those personal details there is the added threat of the
publication of those details to the Internet at large. Taking Yahoo (www.yahoo.com) for
instance, a person is able to call up the profile details that you have entered provided that
they have access to your email account name, username or a combination of other details,
such as name and partial address.
The ease at which your email account name is discovered is discussed in the next section,
but for now remember that anything you enter into your profile is available to others
including any photo that you attach to your profile.
The other side of this profile issue is that you may call up someone else’s profile, but
there is no guarantee that the details contained there actually refer to the person who
owns the profile. In a recent survey, it was discovered that over 40% of people falsify
their identities on the Internet. I would also suspect that a large number of profiles on the
Internet today relate to fictitious persons or composite persons in some regard.
Mitigation 1
It is often required that you create a profile to access certain facilities such as those
provided by ninemsn (www.ninemsn.com.au) or yahoo (www.yahoo.com). Before your
child can access a ninemsn teenage chat room, they have create a profile or as they term it
a “.net passport”. Given that there is no need to fill in anything other than the required
fields, only the mandatory fields should be filled in. Mandatory fields almost always
consist of the following as a minimum; first name and family name, email account and
maybe geographic location. One approach to this is to fill in you or your child’s first
initial and the initial of your family name. This will not pose any problem, as it is the
username that really identifies the person. In regard to an email account either create a
free or web email account before or use the option of using the service providers email
service.
In regard to location information, do not place any specific address information, but you
may fill in the country as many providers have a regional service tailored for each
country.
Finally, select a user account name that is neither age nor gender specific. Some
providers will allow the system to select a number of available names for you to choose
from.
Such a minimilistic profile will conform to the requirements of the provider but at the
same time reveal very little about you or your child. One final point on this matter. It is
illegal to provide false information on a profile that is associated with any financial
transaction or use of any credit card facility. This means that even if the site required a
valid credit card number as some form of verification and they do not charge that card, it
is still illegal to provide any false information either personal detail or credit card
number. Watch out for this one.
I would however, be questioning as to why an organisation that does not plan to bill me
wants my card number, and I would act accordingly.
Topic 11 - Email
What is it
Email is the sending and receiving of electronic mail from one computer to another
computer via the Internet. It is also perhaps the most widely used Internet service.
Just about everyone has his or her own personal email account or accounts. I confess that
I have 3 email accounts excluding the administration email accounts for the www.wild-
rivers.org web site. I will discuss the reason for multiple email accounts a bit later.
It is now common practice for your children to be issued email accounts at their school,
so even if you have not allocated your child an account, it is almost certain that they have
one at school
Threats
Email is a massive threat vector, so I’m going to have to split this one up a bit.
Threat 1
In a way your email account is a bit like a profile we discussed in the last section. In fact
you cannot have a profile unless you have an email account somewhere that is linked to
that profile.
So let’s look at this from a couple of perspectives. If you are using the email account
provided by your Internet service provider or in some cases a free email provider the
email account name (in the form of name@provider.com) may provide information about
your physical location. This information may be restricted to your country as in
name@yahoo.com.au which advises people that you live in Australia by the .au at the
end. Your provider may be a smaller regional service and as such the location of their
point of presence would give a general geographical location of the email account holder.
So that’s one level of information that you may be giving out, perhaps not all that
significant.
Moving on, the next level is that individuals are able to search on the email account name
and discover snippets of information about you and may be able to assemble a profile
about you. As examples consider the situation where you are applying for a job with a
particular company and you provide your email account with the application. A number
of companies search the Usenet postings for your email account and read everything that
you have posted there. (I will discuss Usenet later but for now consider it a permanent
message board). From those postings they are able to build up a partial picture of your
interests, bias and passions.
In fact anything that you tie your email account name to may under varying
circumstances be searched through the Internet and thus a picture of you may be
constructed.
Threat 2
An email address seems to spread much the same way that a phone number does, it does
not take long for a whole swag of people having your email account name. This opens up
the problem of traffic and spam. Spam is the term used for unsolicited email often sent to
thousands or millions of email accounts in an attempt to entice you to do something such
as buy a product. Consider spam in much the same way as you consider junk mail in your
letter box.
Apart from the inconvenience of all this email and having to wade through it, it is just
plain intrusive. For a child they may innocently open an email message and be confronted
with material or graphic images that may be inappropriate. There is always the chance
that they may open an email attachment and execute a virus on the computer system.
The major free email providers like hotmail (www.hotmail.com) and Yahoo
(www.yahoo.com) attempt to filter the email accounts of children from inappropriate
spam. In the case of hotmail, they will filter email sent to persons who identify
themselves as under the age of 13 years.
EXAMPLE:
IN ONE INSTANCE, A HOTMAIL ACCOUNT BELONGING TO AN 11 YEAR-OLD GIRL WAS DISCOVERED TO

CONTAIN SPAM ON TOPICS, WHICH INCLUDED PENIS AND BREAST ENLARGEMENT, PRESCRIPTION DRUG
SUPPLY AND GAMBLING LINKS.
ALTHOUGH THE PROVIDERS ATTEMPT TO KEEP THIS STUFF OUT OF CHILDREN’S EMAIL BOXES, THOSE WHO
WOULD PERVERT OUR CHILDREN KEEP COMING UP WITH WAYS TO CIRCUMVENT THE FILTERS.
Regardless of these threats, email means that you are always contact-able, always find-
able. This is a privacy issue. You have the right to quiet possession of your email account
inbox.
Threat 3
I have made mention before that you screen name should not reveal any usable details.
Likewise your child’s email account should not contain identifiable information about the
child. Using your child’s name and age, or year of birth, which is very common, will
probably attract he attention of a child exploiter as they troll through email account lists.
Always remember that the Internet is built and uses rather sophisticated technologies and
the ability to data mine (that is extract layers of information) is a reality. It often just
needs a starting point.
Consider this example of how someone may be able to mine email accounts from a
service provider. Yahoo (www.yahoo.com) will suggest alternative screen and email
account names if you select an account already in use. If an exploiter was to begin to
create an profile and use the name of say timmy12 and was blocked because the name is
in use, then they know there is a timmy12@yahooo.com email address. It would be a fair
guess that the account relates to a child.
But it has the potential to get worse. Yahoo will come back with a number of alternatives
that are available and these alternatives are based on the original name of timmy12. It is
possible that, say timmy122005 is suggested. The profiler knows that yahoo will attempt
to append the year to the account name. If not available then the software will increment
the number. In this case they will know that there are timmy122003 and timmy122004
accounts in existence. These accounts are not only in existence but they are most likely
owned by a young boy.
Mitigation1
The first step is to look at creating at least two email accounts for your child. The first
account is a private account at your Internet Service Provider, that is the people you pay
for Internet access.
This account has two discrete properties. Firstly the name is completely obscure and has
no identifying aspects. Something like the child’s initials and your house number. The
second aspect and this is the critical one, is that the email account information is only
given to people who you want to have contact with your child.
The group that has your child’s email account is by definition quite small and this is an
added advantage if you change Internet providers. You will only have to tell a small list
of people of the change. If you change ISP, you will loose you exiting email accounts
with the old provider.
Having created the private email account, you should then create a public one, using
services such as yahoo or hotmail. The reasoning behind this is that if the account
somehow becomes compromised, as they at times do, then you can just abandon the
account and set up a new one. These really are disposable email accounts.
Do not be too concerned about the waste, free email account providers will mothball any
account that is not used for a period of time. Generally this period is between 30 to 90
days.
Even though this is a disposable email account, still adopt the procedure of not revealing
personal information when selecting the email account name. Ensure also that you don’t
use the same email account name as you did for the private account with your ISP.
If you are particularly cautious, you may want to set up a third email account with a free
provider, once again yahoo, hotmail or one of the others. The same rules of account name
selection apply. No identifiable information.
You are possibly wondering what this account would be used for. I consider this third
account as being ideal if your child has a large number of email friends at say school or
socially. The effect of this separation is that, firstly if the main free email account is
compromised then the effort to recover the friends portion of the account traffic is
significantly reduced.
One parent asked me why they should not use the Internet Service Provider account for
friends as well as family. The answer is that you can, but as children grow up friends’
come and go. Often they part with ill will. Keeping friends separate, greatly reduces the
chance of the email account being compromised if an old friend wants to get vindictive.
Vindictive in this context covers the whole spectrum of harassment, including spreading
the email account around chat rooms and encouraging inappropriate emails to be sent to
your child.
Mitigation 2
Email accounts for children should regardless of whether free or ISP accounts, have
email filtering turned on and configured.
In the case of the Internet Service Provider account, the filtering should be set up so that
only those people on the address book are able to have their email pass through the filter.
You may be wondering why this is set up like this. Remember that this email account is
only for a select group of contacts, perhaps direct family. Under these conditions there
will be no one that should be contacting the child that you do not know.
The elegance of this is that unless the sender spoofs (a term that means forges an email
account or Internet address) an existing user on the address book, they have no way of
getting through. No junk emails, no inappropriate offers, no problems.
In regard to the free email accounts, they generally offer a basic form of content filtering.
You should activate this level of protection. Although it will not filter out much, perhaps
20 percent of the emails, at least that is a start.
One aspect of these email accounts is that if a particular person begins to send unwanted
emails, either inappropriate offers or personally directed from say an old friend, you have
the option of blocking that individual email source. As a strategy this is not overly
effective. The blocked sender may just establish another email account and continue the
flood of emails. This is precisely what email spammers do, they change email addresses
constantly to get past the blocks that people place on their traffic.
Mitigation 3
This one is simple but rather effective for the time and effort it requires. Often spammers
will send bulk emails to thousands of email addresses based on the permutation of certain
words. The idea is that even though there will be a significant number of unallocated
email accounts, there will also be a portion of active ones.
Consider what their objective is in this matter. Firstly, they may find someone who may
be interested in their offer and so they have a hit. Secondly, and I consider this to be the
real motivation for this form of mass send out, is that they will often be able to identify
those accounts that are live.
Le me explain how this works. The email that they have bulk sent has an unsubscribe or
similar link. They write in the email that if you do not want to receive anymore emails
from them then click the link and you will be removed from their list. What are most
people going to do? They don’t want what the sender is offering and wish to be removed
from the list. They click the link.
Once you click on the link the spammer now knows that the account is live since you
responded to the email. Prior to that they had no idea. They then collect the list of live
accounts and sell it to other spammers and you start getting even more junk emails.
The solution, never unsubscribe to anything that you did not subscribe to in the first
place.
Topic 12 - Clubs and groups
What are they
Clubs and groups are collections of similar minded individuals that have set up or have
joined an online community. These range from bird watching, sewing and cultural
activities right up to extreme sexual practices. The bigger providers such as ninemsn and
yahoo often host clubs and groups. Membership almost always entails the generation of a
profile if one is not already existing.
Services offered differ but generally they offer chat rooms, message boards, photos and
files, calendars and member profiles.
Threats
There are two main threats that accrue from membership of a club or group. The first is
that you are associated with that group. Mainstream groups that are large and broad in
topic and content are safer than small specific groups. Being a member of say an Islamic
hacking group may bring you more prominence and attention than you may want.
The second is that profile issue again. Group membership tied to a profile and an email
account begins to generate a significant profile footprint. That is, by the collection of this
information, a clearer view of the individual is gained.
In addition by cross-referencing you to other group members and their associations with
other groups a network of association may be formed. Now I know that your association
with a sewing group and the number of members of that group with links to a cross stitch
group is not world news, but consider this scenario.
Your child is associated with a kids group and thus must have a profile and an email
account. That group has members who are associated with other kids groups. By
referencing the common groups that your child and other children are members of an
exploiter may be able to profile and in some instances pretend to be a member of those
groups. They may send emails with another member’s name and email address on it and
thus establish communication with your child. A far simpler method may be to establish a
false child profile and actually join those groups. From this beginning they are able to
both communicate and establish a common bond with your child.
Mitigation 1
Most clubs and groups will not allow you to view the content of their site until your
become a member. One of the best ways to vet these types of sites is to join the group
yourself using a disposable profile and email address. Disposable email addresses are
those that are provided free by providers such as yahoo (www.yahoo.com ) or hotmail
(www.hotmail.com ). The objective is to get into the site and look around before your
child places any of their information on the site.
This step is important because clubs and groups are notorious for publishing email and
profile details to the membership at large. This means that even if your child resigns from
the group, their information is still available as group public record.
Once you have joined the group, then log in and have a look around. Look particularly at
the postings by other members. Are they all on topic or do some of them address
inappropriate matters. Have the group owners made a statement of how they will deal
with inappropriate postings? Look in the photo albums and make sure the images are on
topic and appropriate. Similarly with the file posting area. Is there a links page? Do all
the links point to relevant and appropriate sites. If there is a chat room, join in the chat
and watch the chat conversation for awhile. Are you happy for your child to be in this
chat room?
Once you have satisfied yourself that the club or group is what they say and has
safeguards to protect your child from the threats above, then allow your child to join.
Once again be careful of the amount of personal detail that your child exposes via profile.
The last stage is the ongoing monitoring of the club or group. Probably more than any
other Internet service, clubs and groups are open for abuse. A group owner may suddenly
be unable to maintain the group and undesirable elements manage to join the group and
evade detection. An even worse situation is where the owner hands over the group to
another party, and that party perverts the aims and safeguards of the group.
As a point of clarification the transfer of club or group ownership is a common event

online. Many people start groups and just do not have the time to devote to them. Rather
than shut the group down they ask for someone to take it over. For this reason alone
periodically log in under your membership and conduct a review.
Topic 13 - Images
What are they
Although every reader will know what an image is, it is wise to clarify the definition for
the purposes of this book. From the perspective of the Internet, an image is a still or non-
moving picture. It encompasses not only photographs but also drawings, painting and
computer generated art.
Threat
Quite simply the threat from images primarily relates to the content of the image.
Traditionally, parents have been concerned with the graphic portrayal of sexual subjects
or if you prefer plain old porn. Although porn accounts for a considerable amount of the
Internet traffic generated, I do not consider that it poses the most significant problem.
A recent survey of minors showed conclusively that teenagers in particular quickly tire of
pornography and seek out the high violence sites. This then is the main issue in my mind.
Violence, hatred, bigotry and intolerance are the emerging problems associated with
images.
Simply stated, the threat comes about from children’s exposure to a wide variety of
inappropriate images from a variety of sources not just the porn purveyors.
Mitigation
At present there are no generally accessible software applications that are able to filter
images based on their content. Even within the e-forensic field there are only a couple of
software packages that are able to do this type of analysis. Hopefully as this type of
technology matures we will see image filtering come to the home computer and desktop.
In the interim the mitigation relies on filtering the web page that the image resides on.
The assumption (and not always a valid one), is that the image will be associated with
some text that will be caught by the filtering software black word list. Where this is the
case, then traditional filtering will prevent the display of the image along with the rest of
the page.
Where this approach fails is under a number of easily identifiable situations. Firstly
where the entire web page is a graphic image. Since there is no text to compare with the
black word list then there is no filtering.
The second situation is where the image is located on a server but is directly available for
download through what is called FTP (File Transfer Protocol). In this situation the user is
presented with a list of available files with often obscure names and the file is selected
and either downloaded or displayed directly.
The last scenario and potentially the most dangerous is the direct uploading of an image
to your child’s screen. This situation is most prevalent in the context of interactive
services such as chat and Instant Messaging. Often someone in an interactive session will
offer to send an image, maybe a picture of them self. If your child accepts the transfer,
the image is sent to the computer. When the child receives the image it may not be what
they were expecting.
EXAMPLE:
IN ONE WELL-KNOWN CASE A TEENAGE GIRL WAS SENT AN IMAGE OF A PAEDOPHILE AND A VERY YOUNG
CHILD. THE GIRL WAS UNDERSTANDABLY TRUMATISED BY THIS EVENT AND REQUIRED COUNCILING.
At this time the only mitigation I can suggest, particularly for the last situation is to never
allow your children to accept an upload from someone you or they do not personally
know and trust. This is one case where the technology lags far behind the needs.
Topic 14 - Literature
What is it
Literature is of course the written word. On the Internet the methods of delivery of this
written word are many and often varied. It ranges from simple text files that may be
displayed or downloaded in your Web browser up to fully formatted books in PDF
(Portable Document Format) or Microsoft Word documents.
Threat
Clearly the threat relates to the content of the written work. This threat includes not only
erotic literature but also works such as political and social manifestos.
Like so many of the areas discussed in this book there are overlaps. Literature in some
cases also includes embedded images that form part of the work or are associated with
the web page displaying the page.
Mitigation
Generally literature mitigation is perhaps the easiest to carry out, that is provided that the
filtering software can read the text context. In the case of text files and web pages this is
generally the case. The situation does become more difficult when the text has been
converted to another form. Of all the forms available on the Internet, the following are
the most popular, Microsoft Word, Adobe Acrobat (PDF), Postscript files and any
document that has been compressed for transmission. The reason for this is that the
filtering software is unable to interpret the formatted content for the rule set to apply.
Firstly let us look at the plain text and Web page content. Providing that you have a
filtering application installed and a suitable rule set up, then the text will be compared
with the rule set and black list words will cause the display to be aborted.
So what can you do about all the other forms? Looking at it objectively, if inappropriate
literature is downloaded to your computer, it will require the specific application to be
able to display the text. What this means is if you do not have Adobe Acrobat installed,
then a PDF file will not be able to be displayed and in that way it ceases to be a problem.
Similarly with many of the other formats. This situation is not unfortunately the case with
Microsoft Word files. These documents can be read back by the Wordpad application that
is installed by default with the Windows operating system. The only way to prevent this
is to delete the Wordpad application, not something most people want to do.
At present I am not aware of any content filtering software that is able to block content
that is on your local hard disk, but the search continues.
Topic 15 - Peer to Peer services
What are they
Generally Peer to Peer or P2P services are offerings from other individual computer users
of files located on their hard disks. These offerings often have pirated music, video, or
illegal software or content. Since these files are located on individual computers and not a
central file server there is a huge market for these services.
In recent times a service called Napster provided music via a forerunner to the P2P
service. The record industry pursued and succeeded in shutting down the service. Today
alternative services such as Limewire, AG Satellite and others provide pure P2P facilities
to their subscribers.
Threats
Threats from these services are of two specific types. Firstly, to partake in a P2P you
must allow other users access to a section of your hard disk. This is to allow downloads
and also to enable others to upload files from your computer. If this shared directory is
not allocated or managed carefully, you may unintentionally expose sensitive or personal
files.
The other threat is that you may, by using these types of services, download content that
is in contravention of copyright laws. We shall look at this latter threat in a bit more
detail in the section on mp3 music in the next topic.
Mitigation
If you decide to partake in peer to peer sharing of files, you should pay particular
attention when the setup software asks you to allocate a shared directory on your hard
disk. The first principal is to NOT allocate an entire drive such as the C: drive as this will
expose all files on the system (assuming you have only one hard disk). Another location
you should NOT allocate is the “My Documents” folder as this generally contains all of
your documents.
Perhaps the best option is to create a specific directory or folder such as C:/share. Once
created only allow files that you are willing to have accessed by others located in this
folder. Many of the P2P applications prompt for the creation of this type of folder, but be
aware that you still have to ensure that private files are not exposed.
Topic 16 - MP3 Music
What is it
MP3 music is a form of music recording that is particularly suitable for Internet
distribution. The music quality is often approaching CD quality yet the file sizes are
small enough to be able to be downloaded in a reasonably short time.
Threat
The primary threat that comes from MP3 music files is the threat of being in illegal
possession of copyrighted materials. In this regard, your children are quite often keen to
have copies of new music that is released and the temptation is to secure an illegal copy
through one of the Peer to Peer sharing services as discussed above.
Mitigation
In the first instance, you have to make a policy stance on what material, if any, is allowed
to be downloaded. This may not be as clean cut as you may at first think. Often new and
aspiring groups will release their music to a mp3 service to gain public exposure. In
situations like this they do not expect any payment but they still retain the copyright. For
your child this is an opportunity to get what is truly free music. In such a situation I see
no real issue in the child downloading the music provided that the content does not
contravene any other standard that you have set up.
Where the real issue resides is where the child is downloading illegal copies through a
mp3 service. One thing about these services is that they always leave a clue as to their
presence on a computer system.
Topic 17 - Video
What is it
Video is the transmission and reception of moving picture images over the Internet. It
takes two forms, firstly video that is displayed on the computer screen at the time of
transmission and video that is stored in a file for later viewing.
The former tends to be what is termed low-resolution video because the quality of the
picture is severely reduced by the amount of information that can be transmitted
effectively through the Internet cabling. Examples of this first type are clips on web
pages and small clips that play in only a small region of your computer screen.
The second form is full-blown video, the quality rivaling the DVD standard. The video is
saved to a hard disk like any file (however a very big file) and the file is played at a later
time through either the computer system or after being burnt to CD or DVD.
Threat
This threat is essentially the same as that posed by mp3 music above. There have been a
number of instances where a pirate version of a film has been released on the Internet
before public release. Not surprisingly, there is a rising market for video pirating and
sharing. The issues discussed in regard to mp3 music are also applicable here.
Mitigation
The mitigation for this threat is also much the same as the mitigation for mp3 music
above and I draw the reader’s attention to that section rather than rehash the same points
here.
Topic 18 - Ezines
What are they
Ezine is a rather new term that relates to electronic magazines. The term covers a rather
broad range of types and styles, ranging from the home grown newsletter of a small
interest group up to the very flashy versions of print magazines. It also includes
electronic versions of newspapers.
Print media companies such as Dolly, for instance, produce very attractive and slick cut
down versions of their monthly magazine and distribute it online. I suspect that the
electronic version acts as a teaser for the printed copy and encourages people to go out
and purchase the paper version.
One distinction that should be made is between push and pull distribution methods. Push
distribution is where the ezine is sent to your email inbox. Today, there is considerable
pressure being applied to ezine publishers to not send unsolicited publications. Since
these push ezines are delivered to an email account, any unsolicited delivery is
considered to be spam (see discussion in the email topic). Accordingly ezine publishers
rely on a process called ‘opt in’ where the receiver subscribes to the ezine.
This subscription process is similar to any other request for an Internet service, that is,
you have to provide a certain level of personal detail to be eligible for the service. This
level of personal exposure ranges from just a name and email account, right up to a full
blown profiling effort. One final matter that you should be aware of is that ezines
generally have a web link to unsubscribe from the service.
The other form of ezine is the pull variety, where you visit a web site, generally the
publisher of the ezine and request a copy or display the copy of the ezine on screen.
Threat 1
The main treat posed by ezines to your child, is in regard to the content of the ezine. As
stated above, ezines are created and distributed by all manner of organisations and in the
name of a vast variety of causes, including commercial.
This is really a matter of content being suitable for the age of the child. One matter that
has been brought to my attention is the subscription availability of Dolly ezine to children
from the age of 12-years-old. I would have thought that some of the content of the hard
copy magazine was unsuitable for pre-teens and by implication it is indiscrete to offer the
ezine to this age group. As a parent you may consider it appropriate, and that’s ok since
my role is to point out the potential issues and give some options to handle them if you
see fit.
The significant issue here is that you should, depending on the age of the child, review
the ezines that your child is receiving. By review, I mean that you should not only
identify the publications but also have a bit of a look at the contents. This is not a once
off exercise either, periodically ask to read a random ezine to ensure that the publication
does not suffer from content shift.
Threat 2
Apart from content issues, the potential volume of email that ezines may generate could
be a problem. Although this may not be seen as a significant threat or even a threat at all.
I consider that it warrants coverage in this book.
When we consider the opportunities for subscription to ezines, it becomes very easy to
over-subscribe. This means that every day volumes of information are sent to your child’s
email account, or worse, your email account. It very quickly becomes apparent that no
one could read all this material and so it either gets bulk deleted unread, stored offline for
later reading or someone wades through it all. In every situation there is unnecessary
Internet traffic and in some cases bandwidth charges for information that is not really
needed by the recipient. I know this sounds like a moral stance on resource use and you
know what, it is!
Let’s put a bit of perspective on this. How many teen ezines does your 14-year-old
daughter really need to read every week? The answer is of course variable, but that is the
point. They should be allowed to subscribe only to as many as they are physically able to
use and read. What I am striving for is to make the contents of the email box relevant and
meaningful for the recipient. What is better 2 ezines read or 20 bulk deleted?
Topic 19 - Usenet
What is it
Usenet or Newsgroups as it is also known, is a global message board where anyone may
post or read messages from others on the Internet. To create some semblance or order
Usenet groups are divided into a number of topics and sub-topics. Today there are over
80,000 distinct Usenet groups covering just about any conceivable subject.
Historically Usenet is one of the oldest Internet services and all Usenet postings have
been archived and are available for anyone to read. If you look hard enough you will find
postings from Bill Gates of Microsoft fame in his early days as a hacker. As you can see,
what you say on Usenet is there forever.
The structure of Usenet is basically as follows. There are a number of top level groups
such as comp for computers, biz for business, rec for recreation, soc for social issues and
alt for alternative lifestyle. This last one is without doubt the most dangerous as all forms
of life reside there, or if I can paraphrase Scotty from StarTrek “there be paedophiles
there”. Look at the highlighted Usenet group name in the screen dump below and also
look at the title of the group located 9 groups above the highlighted item. These are not
the only groups dedicated to the subject of paedophillia.
I should also note that this selection of Usenet groups as discovered not on some obscure
hidden site but was listed by one of the more prominent Internet Service Providers as
their subset of the Usenet community.
Beneath each major group is a hierarchical structure of sub groups and topics. As an
example the alt group has a partial structure as shown in the screen dump below.
Threat
Usenet poses such a huge threat to children that I was tempted to just put one line – don’t
let them near it. So where do I start? Usenet is considered the Wild West of the Internet,
where lawlessness and surprise are the rule of the day. It is the home of many
paedophiles who communicate through Usenet groups such as alt.sex.pedo and
alt.sex.teens. For this reason we should not let our children wander into those groups. I
would go so far as to suggest that unless you have a specific need to be involved in a
Usenet group then you would be wise to avoid it all together.
But let me be more specific about this. If you post anything to a Usenet group then your
email address is attached to the posting. From a privacy point of view this is like
advertising your home address to the world at large. From this email address anyone may
trace you back to a specific location, perform a profiling exercise and launch a
harassment or stalking attack on you. If that sounds somewhat dramatic, I want you to
consider that those who frequent the Usenet groups are often highly Internet savvy and
often intolerant to those they consider outsiders – read those not on the inside of that
particular group. This is in a way a similar situation to those who consider that they own
a particular chat room and will harass any new comer.
Mitigation
As I said before, unless you have specific need to go there then stay away, at least until
you have had enough experience to be able to handle yourself against those you may find
there.
Ok, the above was pretty lame, so now for some specific mitigation strategies. The most
dangerous group as I have said before is the alt group, so lets look at blocking that group
first.
Firstly since Usenet is a text-based service, that is, the messages are comprised of text.
Now this is not strictly true, they may also contain graphic elements such as picture
images and such, but for now consider them text based.
We have seen before that anything that is text based may be filtered by a black list on
your filtering software. We can now enter the black list word ‘alt.’, that is alt and a period
character. This will block anything that has that specific content or header. The advantage
of this is that not only will it block the Usenet group but also as a bonus two other
sources of Usenet content. The first of these is the Google search engine Usenet archives
and secondly any web site that is quoting in part or whole the alt. Usenet content.
Part 4 – Safe Alternatives
Topic 20 - Safe Web Browsers
What are they
Safe web browsers are specific Internet browsers that are designed for children. They
conform to two basic types. The first is a web browser that only allows the child to access
one specific home page, generally a portal. From there they are able to explore but only
to approved sites.
The other form is a web browser that allows the child to move around the Internet freely,
however the browser monitors the web addresses or content for inappropriate material. In
such a case the browser will block the child’s access to that site.
The Family Browser
Available at www.thefamilybrowser.com
This is a free Internet explorer replacement for use by children. Although generally a
very good children’s browser, it is able to be circumvented and inappropriate content
displayed to a child. On balance, however, considering that it is free and still being
developed, you should perhaps consider it.
Topic 21 - Firewalls and Filtering
What are they
Firewalls and Filtering applications are software applications that have the ability to
block or filter content and web sites based on a rule set. The rule set may specify what is
allowed and/or what is not allowed to pass through the application and be passed to the
Web browser.
Although there a number of commercial firewall and filtering software packages

available from computer stores, I thought that I would concentrate on the free offerings
that may be downloaded from the Internet. I have taken this approach for a couple of
reasons.
Firstly, I do not wish to be accused of some underhanded commerciality, where I might

be perceived as promoting a commercial product or vendor. By presenting only free
software I cannot be accused of receiving a monitory kickback.
Secondly, I have noticed that many families just do not have the cash reserves to spend
on commercial software to protect their children. In many cases, even though they realise
the need, there are more pressing and immediate needs. In situations like this the
computer protection becomes a discretionary item. By pointing them to free software
solutions, there is no financial justification phase and the computer protection is more
likely to be implemented.
We-blocker
Available at www.we-blocker.com
We-blocker is a free content filtering package that allows you to create both black and
white lists of words and sites. When installed it contains a default list of words that it
checks against the content of web sites. While not a perfect solution it will trap content
that may other wise slip through.
Configuration is a little more involved than some other packages but the results justify
the time spent.
Zone Alarm
Available at www.zonelabs.com
Zone Alarm is a free firewall product that once installed will block most attacks against
your computer system. It will not however filter content as the previous product better
handles this task. The beauty of Zone Alarm is that it is virtually configuration free and
starts working straight after installation.
Topic 22 - Safe Chat Rooms
What are they
Kid’s or child safe chat rooms are taken to be chat rooms that not only specifically cater
for children but also have conduct and content standards which must be adhered to, to
remain in the room.
There is a good selection of chat rooms at www.kids.net.au
A search on this site found 288 chat rooms classed as suitable for children. I found these
by entering chat rooms in the search box. Not all of the chat rooms cater for all age
groups so some experiment may be needed.
All up it is a good place to start.
Topic 23 - Safe sites
What they are

A safe site is one which conforms to minimum standards in regard to content. That
content is taken to be suitable for children to view and interact with.
The best way to find safe sites for kids is to enter “kids safe sites” or something similar
into a search engine. I entered that phrase into Google and received so many potential
sites that it will be best to leave that part to you the reader. You might however try to
narrow the search by stipulating an age in the search criteria.
Topic 24 - Safe Search Engines
What they are
Safe search engines are search engines that are configured to filter inappropriate content
from the result pages that they display in response to a search query. They are different
from the main stream search engines in that they firstly do not have the same volume of
addressable data to search on and secondly that they do not have to be configured to
provide filtering.
Yahooligans
Yahooligans at www.yahooligans.com is a kid specific search engine that uses the yahoo
search engine and database. The content is filtered to remove inappropriate content from
the search results. Like many search engines, Yahooligans is also a directory which is
covered a bit later.
In tests the filtering was found to be quite effective on a number of potential

inappropriate search criteria. The search engine returned a “Sorry no results were found
matching: XXXX.” The search screen is shown below.
AskJeeves for Kids
AskJeeves for Kids at www.ajkids.com is a similar facility to Yahooligans in that it is a

subset of the search engine AskJeeves. What makes the AskJeeves and AskJeeves for
Kids search sites different is that the search phrase is not a word list but the engine
expects a question phrased something like “what is the internet” or “how does a guitar
work”. For some children this may be a more natural way of using a search engine.
Regardless the test results were quite good and inappropriate sites were filtered from the
results.
Family Friendly Search
This search engine is found at www.familyfriendlysearch.com and appears to be a meta

search engine, which is one that searches through a number of other search engines and
returns results from those other engines. From the screen dump below it appears that it
searches Yahooligans, AOL Kids, Kids Click and Saluki Search, so the results should be
comprehensive.
SurfSafely
Located at www.surfsafely.com. Another that combines search engine and directory.

Opening page is displayed below.
Topic 25 - Safe Portals
What are they
By definition portals are web sites that have links to other sites often they only cover a
narrow range of topics, often related. Portals are constructed and maintained by hand and
do not use automated methods to add new sites to the portal access list.
Kids.Net.Au
This is a very good Australian portal site which breaks up the material available into
discrete topic headings.
www.kids.net.au
Blackstump
Although blackstump is a general portal to Australian sites the link below takes you to
the children’s zone. As you can see from the screen dumps there is a vast array of content
for children of all ages. The site is located at -
www.blackstump.com.au/kids.htm
Below is a screen dump from the main index page to give you an idea of what is
available.
Some of the other categories include:
Cartoons and TV Shows

Coloring/Art
Disney
Encyclopedia/Homework/Reference
Games/Game Sites
Goosebumps
Harry Potter Sites
Lego
Looney Toons
Muppets
Museum/Gallery
Pokemon
Search Engines
(Dr) Seuss
Tamagotchi/Virtual Pet
Toys
Weather
Yowie
This is a very big selection and I’m sure that there is something for all ages.
Beritsbest
Located at www.beritsbest.com, this site seems targeted to younger children but comes
highly recommended by overseas reviewers. Part of the opening screen can be seen
below.
SurfSafely
This site was mentioned above in the Kid’s search engine section, but is referenced here
again. It is found at www.surfsafely.com
CyberGuide
This is a filtered search engine found at www.route616.com . Although it appears to be a

search engine it is in reality a filtered directory. It has only access to sites that have been
entered under specific topics. These topics are entered as criteria in the blue search box.
The site claims that its content is suitable for children aged between 6 and 16 years. My
tests suggests that although a well filtered directory it may lack the depth for older
children, but as all ways you are the best judge.
Part 5 - Specific Threats
Topic 26 - School Web Sites
What it is
School web sites are sites on the Internet that are run and maintained by individual
schools. The content on these web sites comprises information regarding courses offered,
accreditation and matters generally relating to the running of the school and a public
interface for the external world.
In addition many schools post details and photos of student activities and upcoming
events.
Threat
The primary threat to your child is the publication of your child’s photo along with
identifying information. A child exploiter may browse a school web site looking for
potential targets.
As in all these matters, a person is able to begin to profile a child from the random
information that they are able to secure from a number of sources. Schools are a bonus to
the child exploiter.
Mitigation 1
Insist that the school does not publish any specific information that may identify your
child. This includes no individual pictures particularly with identification information
such as “Jane Doe at the under 13 netball carnival”. A child exploiter has, when viewing
this, a considerable amount of information about this child, such as their name, school,
age, general geographic location of where they live and a very nice photo to work from.
Parents should be aware that this is generally enough information for the exploiter to
conduct a phone book search for your home phone number and address. From this it is a
trivial exercise to use one of the online street directories to find your home, the school
and a probable route home. One such service will plot the best path between school and
home, and allow them to print it out. This is just too easy for the exploiter.
Although it is flattering to have your child’s picture and accomplishments on the school
web page - don't allow it!
If the school wishes to publicise the under 13 netball team, then at the very maximum
they should place a low-resolution picture of the whole team without names and other
details.
Mitigation 2
The following mitigation relates to publicly accessible email accounts and not to internal
email accounts used within the local school.
Most children are now given an email account at the school. Although it is
administratively expedient to allocate email account names on a formalised basis such as
first name and family name, initial or initials and classroom or grade, these methods
potentially expose your child to an exploiter.
Schools should be encouraged to provide email account names that have no correlation to
the child’s name, the class room number nor the grade level.
Mitigation 3
Although it may be seen as excessive, parents should consider the effects of a school
publishing the timetable and location of sporting and other events on an open web server.
The location of the under 13 netball team game next Saturday may be the final piece of
information that someone profiling your child may need to execute an attack
I realise that many parents will consider this trivial, however for one child this
information was the ultimate cause of their death at the hands of a pedophile.
Topic 27 - Personal Web Pages
What are they
Most Internet Service Providers (ISP) allocate a number of email accounts and a small
amount of space for a private or family web page. Generally this space is in the order of 5
to 10 megabytes of disk space.
Having been given this space, many families see this as a good way for the rest of the
family to be able to keep up with events and activities and to tell a bit about the Doe
family history.
Threat
Similar to the situation above, a private web page may provide a profiler with a wealth of
information that could be used against your child. Let me give an example.
On one private web page there were photos of the owner’s daughter from birth up to her
current age, which in this case was nine years. Some of these photos also included her
with other family members, uncles and aunts etc. The child’s interests were mentioned as
were a number of her achievements.
The inclusion of the hospital photo just after her birth with the caption “proud mum and
dad Sue and Bob with little Jane 3 hours old”. This caption has identified the first names
of the parents as well as the child. A search on the location of their Internet provider will
give a general location of the family and so the profiling starts.
The most dramatic factor in all this is that a profiler could contact the child and claim that
they are friend of uncle George and aunt Ann, information gleaned from the web site.
The child knows her aunt and uncle and assumes this person to be a family friend and
thus not a stranger. From this contact is established.
Mitigation 1
I know that it is virtually impossible to restrain people from bragging on their kids on the
Internet, so even though the mitigations in regard to schools apply here, I consider that
very few parents would apply them.
A practical solution to this is to arrange for the private web page to have password
protection on it. This means that anyone who does not have the password will not be able
to access the content. Family and friends that you wish to see the pages could have the
password emailed to them in the general course of events. Such a procedure, while not
totally secure will stop the casual profiler, who will move on to easier pickings.
One final point in regard to passwords is don’t make it so simple that a profiler could
guess it in a few tries.
Mitigation 2
Continuing on in the theme of reducing the chance of a profiler actually being able to
locate the Web pages, there are two other strategies.
Firstly for those who have smaller or regional Internet Service Provider, decline the offer
to have your Web page listed with all the other private pages that they host. It is common
for an ISP to have a link from their main page to a member page index. Allowing this is
making it so much easier for a profiler, who can just troll through the index harvesting
targets. Since the ISP will almost always provide information about what area they serve,
the profiler can work a geographic location easily.
The second method is a little more involved and may require the assistance of the ISP’s
support desk to implement. Search engines index Web sites that they come across based
on the contents of what is called the ‘robots.txt’. This file is generally located in the top
level directory of the Web site and specifies amongst other things which pages the search
engine may index. By organising the ‘robots.txt’ to specifically exclude your web pages,
there is no chance of someone finding your Web site through a search engine.
I should explain that not all search engines will obey the exclusions of the ‘robots.txt’ file
but the major ones will and that’s a start.
Mitigation 3
Consider what you want to achieve with the home web page. If it is purely to store and
display family photos then, there are other options that offer some enhanced flexibility.
Services such as Yahoo (www.yahoo.com) will allow you to store up to 30 megabytes of
photos in a photo album. In this option you can create and place photos in separate
folders each with its own password. This way you may allow various people access to
specific groups of pictures. The only drawbacks are firstly that you have to create a
profile, which I have discussed elsewhere and the chance of loss through having the
service either moved or cancelled. Other providers, such as ninemsn offer a similar free
service.
It may be expedient to take out more than one service and duplicate the images on both as
a safeguard against loss.
Topic 28 - Cyberbullies
What are they
Both the terms cyberbully and cyberstalker are relatively new terms that have come into
being in the last decade or so. Both terms refer to attacks and crimes that are
modifications of, or ancillary to, the acts of bullying and stalking in the real world.
Cyberbullying is the use of Internet and other technologies to harass and bully an
individual or small group.
Threat
In recent times we as a society, have become aware of the threat and dangers that accrue
from the harassment and bullying of individuals. I consider it a privilege to sit on the sub-
committee, which addresses bullying, and harassment at a large R-12 in my home city.
This involvement has crystalised much of what I have suspected in regard to this matter,
both on and off line. To my colleagues on the SD2 committee, I express my thanks for
your input and views.
The Internet is a massive tool for the harassment and bullying of children. The best way
to express this is perhaps to look at a few potential scenarios. A child may be bullied and
harassed within a chat room. From the simple child being ignored through various put
downs to the ganging up of the majority of a room against a sole child.
If we consider that these events are insignificant we fail to understand the needs of our
children for peer acceptance. Having witnessed this in pre-teen and teenage chat rooms, it
is heart rending to watch a child attempting to be recognised or defending their right to be
there. Such a child feels lonely, unappreciated, even unloved. Now I want to make a bit
of a transition here. A child who has been treated this way by their peers is actively
looking for acceptance within the online community.
Let me pose this question, how exposed is that child to an adult child exploiter who
pretends to be their friend? How easy is it for the exploiter to get the child on side, to get
them to open up, discuss their feelings and hurts? How hard is it going to be for the
exploiter to lure the child from the chat room into a private conversation?
I have adopted this approach, because as parents we sometimes minimise the potential
effect of being harassed and bullied. Some parents have adopted the stance that they had
to go through it at school, so their child should just learn to live with it. We live in a
different world today. Our children face far greater threats to their health and wellbeing
than we ever did when we were growing up. One of those threats is that there is always
someone lurking around to take advantage of our children.
I have spent too much time on this, but I feel that we often do not appreciate the potential
for harm.
Another version of this bullying and harassment issue is the placing of personal details
and/or pictures of the target on the Internet.
There have instances where children have had their picture posted on a free Web site with
harassing comments about the child. The location of the Web page is then publicised
through out the school and the child is further humiliated.
Mitigation 1
Looking firstly at the issue of harassment and bullying within a chat room, there are a
number of concrete things that parents can do. A great deal of the approach you take in
this matter is dependent on the level of need that your child has to be associated with that
particular chat room. If your child is not committed to that room, and there may be a
number of reasons why they are, then you could help them locate another chat room of a
similar type. Earlier in the book I showed you the location of kid safe chat rooms. Kids
safe in context means that they do not cover inappropriate topics, but you might be able
to find one that suits your child’s needs. OK, that may take some time, but it is going to
be simpler and quicker than the next scenario.
Where the child is committed to the chat room, for whatever reason, then your strategy
must be one of intervention as opposed to relocation. Your first move should be to sit
with the child and observe what is happening in the chat room. Watch the chat and
responses when your child attempts to join in. Are they ignored, or are unkind comments
made toward them. Look at what your child is saying.
It is sad, but sometimes, a child may be a poor fit for a specific chat room. Reasons for
this often relate to a child’s inability to conduct a chat on the maturity level of the others
in the chat room. In such an instance the child will be ignored or spoken down to. It is
hard as parents to admit that perhaps our child is not as socially mature as their peers, but
denial will not help the child, it will just appease our personal ego.
If this is the case, then you have a responsibility to help the child understand that they
would enjoy themselves more in a chat room that talks about their interests at the same
level. I know this is a tough one, but we are parents, we are strong – well at least some of
the time.
If the chat room consists of others that the child comes into contact with on a day to day
basis, such as school, then the pressure to remain and gain acceptance is considerably
higher. Stepping back a bit, it then becomes clear that the harassment and bullying may
be an extension of the behaviors that the child is experiencing during the school day. In
this situation a more unified approach is required. The online harassment and bullying is
just a factor of a much larger pattern of abuse.
We as parents are fortunate today, that our schools have active anti-harassment and anti-
bullying programs in place. Most schools have councilors and a few have chaplains to
assist the child. School policies and procedures for dealing with events are publicised and
supported. School staff are available to assist both the child and the parent. Use these
resources. Please don’t react against the school blaming them for allowing the situation to
develop, rather work with them in seeking effective solutions.
Topic 29 – Cyberstalking
What is it
Cyberstalking is the intentional following and drawing the target’s attention to the
stalker’s presence. The objective is clearly to cause fear, to intimidate and to control.
In many regards, cyberstalking is a much easier act to commit that traditional stalking. In
addition it is a much harder crime to prove as the stalker may not even be in the same
geographic area as the target. Regardless of this, it is a serious crime and should be
viewed accordingly.
Threat
The threat to a child is they become aware that someone is watching them, their online
moves. This person also knows a lot about them. For a child it would appear is if that
person was able to see over their shoulder, see them as they move about in their daily life.
In extreme cases this is what finally happens, the stalker is able to infiltrate the child’s
life with the attendant consequences.
Cyberstalking relies to a significant degree in the stalker being able to identify the child
and construct a profile of that child. As I discussed at length above, the more information
we allow to accumulate about our children on line the more profiling data a stalker or
other exploiter has at their command.
From this profile data they can mount an effective campaign to cause the child fear. From
statements like; ‘I know the way you walk home from school’ (from home and school
address data), to extremely personal details like; ‘I really like your hair in pig tails like
that’ (from a picture that they have located of the child on line), the stalker can ramp up
the fear.
Mitigation 1
The only certain mitigation against on line stalking of children is to ensure that they have
a very small Internet footprint. The less identifiable information there is about them on
line the less the chance that they will become the target for a random stalker.
The other side of this is that if they somehow become the target of a real life stalker, then
low Internet visibility will reduce the available channels that the stalker has to stalk the
child.
Mitigation 2
This mitigation is an after event solution. I admit that this is far from being totally
effective and is often difficult to orchestrate.
Consider the situation where your child’s identity has been compromised online and there
is a concerted stalking activity against the child. In these cases the parent has only one
recourse. The child must be moved to a new location online. Consider this to be like a
virtual witness relocation program.
Before pursuing this option, look at the possibility of the child going offline for a period
of time. The theory behind this, is that if the stalking is part of a indiscriminate stalker,
that is one who just seeks victims and not specific victims, then the stalker may move on
to another target. Not a pleasant thought perhaps, but at least your child will be spared the
unwanted attention.
There may be a number of reasons that the child cannot remain offline for a period of
time. Study needs for instance may require the child to log on regularly. In this
circumstance the second option may be used.
Set up a complete new identity for your child, with no links back to the existing email
account or profiles. Ok how does this work. Create a new email account with a
completely different provider, hotmail if they were with yahoo for instance. In any event
use a completely new provider. Create a minimal profile for the child, being careful not
to divulge any identifying personal information. Do not link the new email account and
profile to the old email account and profile.
The child may then begin to log on to the chat rooms and other areas that they have been
using before. Unless the stalker is particularly adept, they will not link the new accounts
with your child’s previous identities. They will instead most probably think that your
child has fled the Internet in fear, which may be one of the desired outcomes for them.
A number of problems exist with this solution. You may for instance have your child’s
email account with your Internet Service Provider. Creating another identity with the
same provider may tip the stalker off, so in this situation you should delete the ISP email
account and create a free one similar to hotmail or yahoo.
The second problem with this is that your child will have to update their new email
address with friends, and in some cases educational and other providers. The threat here
of course is that the more people that know the new details the greater the chance that it
will get out. Be wary who is told of the new details.
One final point, once you abandon an email account of that has been profiled, don’t let
the child go back to it. Just let that online identity dissolve.
Topic 30 - Hackers and crackers
What are they
Hackers and crackers are terms used, often interchangeably for persons who break into
computer systems either for interest or material gain. The Information Security Industry
considers a hacker to be a person who breaks into a system without the intention to
perform malice or damage the system in any way. Hackers generally do not attempt to
profit from their activities save the gaining of knowledge and skill. Crackers on the other
hand are taken to be those persons who break into computer systems to modify, damage
or break those systems often with the intent to gain either proprietary information or
financial advantage.
Threat
As far as your children are concerned, the major threat from this group of computer users
is that your child may become involved in the underground computer culture. The quest
for information and knowledge is a lofty goal and many traditional hackers have
contributed greatly to the computer security field. Where the issue evolves, is where your
child is lured to the other side. The dividing line between the black hat and the white hat
(read bad guys and the good guys) is often so fine as to be barely discernable.
It is I believe far too great a temptation for our children to be placed in a position where
the skills that they have learned may be turned for either thrills or material gain.
If we add the urban myths and the hype surrounding the hackers/crackers as evidenced by
movies such as ‘Wargames’ or ‘Sneakers’. We then have a situation where our children
may be lured into the underground community attempting to replicate those acts.
Mitigation 1
This is a difficult one, so difficult that I was tempted to delete this section from the book.
I mention this solely to pre-warn you the reader that the mitigation for his threat is really
thin, verging on the trivial, but I feel that I must address it regardless. Maybe in the next
edition of this book I will have something better, more concrete.
As parents we seek to encourage our children in their endeavors, yet we must always be
mindful that they remain moral and ethical in those endeavors. So when does a keen
interest in computers, operating systems and how the Internet works cease to be a good
pursuit and become a harmful activity.
I suggest that the point where it becomes life dominating, where normal activities for a
child of that age are foregone to sit at the computer screen. Even this may not be a
reliable indicator, but just talking to them will reveal who their computing hero’s are. A
child who see Kevin Mitnick (a renowned hacker/cracker) as a hero, someone to be
emulated or a child who talks about the ‘Legion of Doom’ or Phrack magazine is
certainly showing signs of being lured to the dark side of the Internet.
In these circumstances, you as the parent need to take action to refocus the child’s
attention away from the criminal to the thrill of the technology and what they can do with
it. In the extreme case it may require that you gain some computer experience yourself
and share their interest at the level that they are at.
Topic 31 - Paedophiles
I have left this topic till last because I suspect that many readers may have had the
impression that this is what the book is all about. Its placement is more a function of how
this aspect fits into the rest of the book and not its importance as a topic.
I prefer to use the term child exploiters. This is mainly due to the stereo typing and social
images that the term paedophile conjures up. Regardless of the term that I use, we are
talking here about paedophiles – persons who prey on and exploit children – individuals
that I consider to be the most dangerous manifestation of our species.
Who are they
I think that every adult or parent has a pretty clear idea of what a paedophile is. What is
perhaps not so clear is who they are. Although there is no clear-cut paedophile profile,
there are traits that online exploiters manifest.
The online child exploiter seems to have a number of skills, which include social
engineering and computer literacy. Many appear to have high levels of disposable income
and are often employed in what we might call good jobs.
Since it is not my intention to attempt to teach you to identify an exploiter at sight, since
it is plainly impossible, I want only to point out that we are dealing with very street smart
and often intelligent people.
Threat
Perhaps this section is unnecessary, we all know what the object of these people is and
what the nature of the threat they pose to our children is.
Consider that there has been little perceived online activity tied to real life child
exploitation in this country, I fear that we are complacent in this matter. We should be
aware that in almost every international police operation to break up ‘pedo’ rings there
have been at least one or more members located within Australia. This means that they
are out there.
In a recent 60 minutes story on online exploiters, there was a brief mention (too brief for
many to notice I suspect) of a Brisbane exploiter being online and being tracked by the
FBI during the course of an interview with a FBI officer.
The main point I wish to make in this somewhat emotive issue is that statistically your
child is more exposed to an exploiter in real life, however, their chance of coming to
physical harm if they meet an online exploiter in real life is statistically so much greater.
In many cases the exploiter ultimately causes a fatality.
Online as in real life, these people hang out where the kids are. In real life it is the parks,
playgrounds, shopping malls, around schools, in fact anywhere where kids congregate or
frequent. Similarly online, it is primarily the kids chat rooms. But this is not the exclusive
haunt, they will troll other areas of the internet attempting to identify potential targets.
From their contact with them in chat rooms they will seek to establish contact through
instant messaging and email. They may also attempt to contact through mail and
telephone both landline and cellular.
Child profile
There is considerable discussion and debate regarding the traits of a potential exploitation
target. Regardless of this debate, I consider that child exploitation targets tend to exhibit
some of the following traits.
Loner
Estranged or disenfranchised from family
Feel substantially misunderstood
Considerable free unsupervised time
Below I have listed a number of potential signs that your child may be in contact with a
child exploiter. I have divided them into a number of groupings to make the task a bit
easier to understand.
Please note that I am not saying that if your child exhibits one or more of these sign
then the are definitely being an exploitation target. There can be a number of
reasonable reasons for these signs. What I am saying is that if we look for the signs
and then the reasons for those signs then we will be better prepared in the sad event of
your child being a target.
Signs 1 – Home Attitudes
The main mitigation is to be observant. Both of your child’s moods and attitudes and of
what they say. If your child’s moods change dramatically, they seem distant and insulated
then you should investigate the causes. Are they having trouble at school, being harassed
by peers.
Watching your child’s conversation may indicate the possible presence of an exploiter in
their life.
Have they begun to mention a name that you have not heard before
Signs 2 – Lifestyle Changes
Always be alert for an increase in gifts and objects entering the house.
Is your child receiving letters from an unknown sender?
Is your child receiving letters without a return address?
Is your child receiving letters with a post office box return address?
Has your child received any gifts from unknown sources?
Has your child mysteriously received a prize from a competition that you know nothing
about. (I don’t know of any child that will not tell their parent of the contests that they
enter and hope to win long before the drawing of the prizes)
Is your child using someone else’s Internet access account
Has your child be given a cellular phone or prepaid phone cards
Has your child excessive disposable income
Has your child presents and gifts in their room that you are not aware of the source.
Has your child significantly and radically changed the style and manner of dress?
Signs 3 – Accounting Signs
There are a number of what is best termed accounting signs. These are signs which leave
an accounting or paper trail.
Are there phone calls to unknown numbers on your telephone bills, both landline and
cellular?
Are there phone calls to specific numbers at certain times of the day, often when the child
is partly or fully unsupervised?
Is the child spending more time online particularly at night?
Signs 4 – The Rest
The last list is a mix of items that didn’t fit cleanly into the other categories.
Phone calls received with hang-ups or wrong number claims.

Child closing the screen session when online as you enter the room.
Mitigation
Basically this entire book is slanted with a view to mitigation against child exploiters. In
this regard everything that precedes constitutes the mitigation. But if there was one final
piece to this that has so far been left is unsaid, it would be the concept of a stranger. We
teach our children via programs such as ‘stranger danger’, the principle of danger that
arises from association with people they do not know - strangers.
If my understanding of these programs is correct, then we teach our children that there
are certain persons that they may approach or give personal details if they are lost or in
danger. These persons comprise entities such as police, teachers and the like. In some
cases the group may be extended to include medical, fire and rescue personnel. It is not
solely dependent on the person’s job or role, but more, I suggest the circumstances that
the child finds itself in. Children should seek help when they are lost or in danger.
I want to expand this concept here and present an approach that parents may be able to
use to teach children the danger of online association. This is the concept of ‘never lost
online’. Simply, we can demonstrate to children that there is no situation online where
they are either lost or in physical danger. It is a moderately simple task to show them that
since they are never lost, there is no reason to approach or give out personal details to a
person they meet online.
At present I am attempting to formalise this into a program to be presented to

schoolchildren. Until that time I’ll have to leave it to individual parent, teachers or
caregivers to pursue this either alone or in small groups.
Closing Thoughts
Well that’s it, version 2 of this book. I am aware that it is far from a definitive work on
this subject, partly because of the constraint to get it out to you the parent and partly
because of the dynamic changing nature of both the Internet and the services it offers. As
fast as we, the Information Security Professionals mitigate or close off an exploit or an
attack, the black hats, the exploiters and the paedophiles find another way to seek out and
manipulate their targets.
If you were sitting before me today, I would close with the following. Don’t just read this
book for interest, but apply the mitigations as you see the need. I cannot see that we will
ever be able to let down our guard, as such we all have to be vigilant and diligent to care
for our children and their children.
On a positive note however, the significant successful capture, prosecution and

internment of online criminals and child exploiters should encourage us all.
Appendix A – Author Bio
David Teisseire, CISSP has been involved in the computer industry for over 16 years as
a systems administrator, software engineer, hardware maintenance engineer and senior
consultant to organizations in such varied fields as education, manufacturing, legal,
aviation and retail sectors. His background includes extensive experience on not only
personal computers, but also mid sized Unix and Hewlett Packard systems
David specializes in computer crime issues, with a particular focus on both local and
international child exploitation and protection matters. He has written two books. The
first “Teach Yourself Home Internet Security in 24 Hours” which focuses on protection
strategies for families and individuals. The other book, “E-forensics Unleashed – A Back-
Tracker’s Manual” is a comprehensive technical reference for law enforcement and
forensic specialists in the field of computer crime investigation.
He has also authored a number of articles and papers on both cyber-crime and Internet
protection, including a submission to the recent South Australian Government's “Child
Protection Review”. His submission is materially incorporated in Chapter 26 Section D –
The Internet and Information Technology and Child Protection, and is further reflected in
Recommendation 206 of that report.
He has developed and presents Australia's only lecture series addressing the issues of
Internet based child and family security. In addition, until recently, he fulfilled the role as
moderator on law and ethics for a global security forum.
David’s community involvement includes, a number of volunteer positions involved in

the management and direction of one of Adelaide’s largest R-12 public schools. In
addition he is a director of Wild Rivers Foundation, a not-for-profit child and youth
lifestyle education foundation.
David is a father of 4 and recent grand-father of 1. He lives in Adelaide, South Australia

with his wife Sylvia and two of his children, Lara and Stuart.

Compact Guide To Child Protection Online

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Compact Guide To Child Protection Online

Uploaded by

Copyright:

Available Formats

Compact Guide to Child Protection Online – The Essential Strategies

Compact Guide to Child Protection Online

The Essential Strategies

David Teisseire, CISSP

Second Edition Revision 2.2

Page 1 of 71 Edition 2 Rev 2.2

Page 2 of 71 Edition 2 Rev 2.2

Page 3 of 71 Edition 2 Rev 2.2

Page 4 of 71 Edition 2 Rev 2.2

Page 5 of 71 Edition 2 Rev 2.2

APPENDIX A – AUTHOR BIO..................................................................................................................71

Page 6 of 71 Edition 2 Rev 2.2

David Teisseire, CISSP

How this book came into being

Who should read this book?

Topic 2 – Location of Internet Access

Topic 3 - Parent and Child Contracts

Increasingly I am promoting this as a better alternative to Mitigation 1 above. This does

Topic 4 - Chat rooms

What are they

IN THIS INSTANCE THE MODERATOR IS MOST PROBABLY SOFTWARE PROGAM OR A BOT.

Other chat rooms, ninemsn (www.ninemsn.com.au)or yahoo (www.yahoo.com) for

Topic 5 - Voice Chat

What are they

Topic 7 - Instant Messaging

The default configuration of many instant messaging services is to broadcast a person’s

Topic 8 - World Wide Web

Topic 9 - Search Engines

What are they

What they are

IN ONE INSTANCE, A HOTMAIL ACCOUNT BELONGING TO AN 11 YEAR-OLD GIRL WAS DISCOVERED TO

Topic 12 - Clubs and groups

What are they

As a point of clarification the transfer of club or group ownership is a common event

What are they

Topic 15 - Peer to Peer services

What are they

Topic 16 - MP3 Music

What are they

Topic 20 - Safe Web Browsers

What are they

The Family Browser

Topic 21 - Firewalls and Filtering

What are they

Although there a number of commercial firewall and filtering software packages

Firstly, I do not wish to be accused of some underhanded commerciality, where I might

Topic 22 - Safe Chat Rooms

What are they

There is a good selection of chat rooms at www.kids.net.au

All up it is a good place to start.

Topic 23 - Safe sites

What they are

Topic 24 - Safe Search Engines

What they are

In tests the filtering was found to be quite effective on a number of potential

AskJeeves for Kids at www.ajkids.com is a similar facility to Yahooligans in that it is a

This search engine is found at www.familyfriendlysearch.com and appears to be a meta

Located at www.surfsafely.com. Another that combines search engine and directory.

What are they

Cartoons and TV Shows

This is a filtered search engine found at www.route616.com . Although it appears to be a

Topic 26 - School Web Sites

Topic 27 - Personal Web Pages