The KID filter is designed to lightly enforce a domain-based access policy, and redirect users to a blocking page.


You maintain a list of domains the filter will disallow web access to.

Access attempts are redirected to a web page containing a message saying that access to that web site was disallowed.

See the implementation page for more information.


  • Lightweight: Does not require additional networking equipment or routing changes.
  • Uses very little extra resources
  • Easy to implement
  • Easy to circumvent
  • No extra software, just configuration


  • Broad: blacklists entire domains
  • Does not catch everything
  • Easy to circumvent


I originally started to use KID to reduce the amount banner advertisements from my home network.

In 2004, I was invited to a meeting between my then employer (Telenor) and the police unit Kripos, where the topic was the trade in child abuse material. KID was proposed, and then implemented.

The method has shown to be efficient in use, and has later been implemented in many other internet providers. KID was presented to the GSM Association at their 2005 meeting in Oslo, and has been included in their documents of best current practices, available to their members.