Solved

Web Blocking on a single PC

Posted on 2004-04-08
8
204 Views
Last Modified: 2010-04-11
Hello,

I have a department that would like a PC to be able to be accessed by the public but they only want them to be able to go to one website, a website where they can sign up for something on their own.  I know there is software that will do this.  I was wonder what the best is for this senario.  I want them to only be able to access the one website.  Thanks guys/gals.
0
Comment
Question by:gustac
8 Comments
 
LVL 49

Expert Comment

by:sunray_2003
Comment Utility
this should work i guess.. You can setup a proxy server and make the proxy server allow only one website that you want people
to go to.. They cannot view other websites or will ask for username and password to connect to any other website .
0
 
LVL 1

Accepted Solution

by:
badrox earned 50 total points
Comment Utility
Perhaps even easier than that would be just to setup a proxy.pac and configure it in the browser.

And the file would look something like this:

function FindProxyForURL(url, host)
{

if (isPlainHostName(host) ||
    dnsDomainIs(host, "the.one.website.com") ) {
    return "DIRECT";

}

else if (url.substring(0, 5) == "http:") {

return "PROXY localhost:8080";

}

Saving that as a .pac and loading it on the machine should work, since it will allow them to go direct for the website you want but anything else they will connect back to their local machine and assuming they don't have a proxy server running there, will give them a page not found.

Very easily bypassed mind you if they can change their IE settings but very little man time also.
0
 

Assisted Solution

by:cyrobinson
cyrobinson earned 50 total points
Comment Utility
how about removing the DNS settings from the machine ad adding a name to ip address mapping in the hosts file?

that way access to any site by name will fail except for the one in the hosts file
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 1

Expert Comment

by:badrox
Comment Utility
If you change the hosts file, you run the risk of not being able to access your internal systems as well.  My understanding of the question is that they just want to block web and nothing more.

Is this correct gustac?
0
 

Author Comment

by:gustac
Comment Utility
Well, it's going to be a public PC and used ONLY for browsing the one website so internal systems wouldn't be a problem.  

As far as setting up a proxy for just this one PC, I don't think I'm going to put that much time into that.  Seems like there should be an easier way.  Thanks for the comments so far guys.  I'm still working on it....
0
 
LVL 1

Expert Comment

by:badrox
Comment Utility
If that is the case, either one of those examples would work.  You can do a mini-pac on the local box or you can set do null dns servers and put the host you want to be able to get to in the hosts file.

Either one of those would do the trick.
0
 
LVL 27

Expert Comment

by:Tolomir
Comment Utility
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split: badrox{http:#10785959} & cyrobinson{http:#10824352}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Tolomir
EE Cleanup Volunteer
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now