Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Block everything, but Only allow 2 web sites and emails, How?

Posted on 2004-08-15
8
Medium Priority
?
193 Views
Last Modified: 2013-11-16
Hi All,

One of my clients is a travel agency. The owner has been bugged by employees' surfing on net during work hours.

He wants to block EVERYTHING, EXCEPT 2 web sites (oag.com & sabre.com) and emails (Outlook & Outlook Express)

How can i accomplish this? Anyone had the same situation as me? Any h/w or s/w solutions???


Thanks a lot

jack

(I doubt that i can use Dlink/Netgear/Linksys to do this, I guess I need a professional class firewall? What's the cheapest one that does the job???)
0
Comment
Question by:techcity
  • 4
6 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 11803867
Filtering Internet access

*****Method one******
Pro's EASY TO DO.    CON's NOT GOOD FOR LOTS OF CLIENTS.

How you approach this depends on how many users you are talking about, if its just a few users, the simplest way is to modify the host file on each PC and put an entry in it for each domain you DONT want the users to access and point them to 127.0.0.1 (you can edit the hostile with notepad or this, http://members.shaw.ca/techcd/VB_Projects/HostsFileReader.exe
For example to block www.hotmail.com add this line to the end of the host file.

127.0.0.1     www.hotmail.com

NB in win 95/98/ME the host file is at C:\windows\hosts.sam (save it WITHOUT the. Sam extension and reboot)
In windows 2000 the host file is at C:\winnt\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)
In Windows XP the host file is at C:\windows\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)

*****Method Two*****
Pro's Easy to administer. CON's Expensive & NOT PRACTICAL FOR HOME USERS.

Give all your clients access to the Internet via a Proxy Server than can filter and block websites.
ISA Server http://www.microsoft.com/isaserver/
WinProxy http://www.winproxy.com/index.asp

*****Method Three*****
Pro's Very scalable from home user to businesses.  CON's Can Be Expensive

Use some third party software to do it for you.

Home Users see
Net Nanny http://store.netnanny.com/dr/v2/ec_dynamic.main?sp=1&pn=12&sid=53
Cyber Sitter http://www.cybersitter.com/
Home users/Small business's See
CyberPatrol http://www.cyberpatrol.com/
Business's See
WebSense http://www.websense.com/
WebMarshal http://www.nwtechusa.com/webmarshal.php?iorb=4764&sc=106

*****Other options*****
How do I use IPSec IP filter lists?
http://www.jsifaq.com/subj/tip4500/rh4554.htm

How can I block a Windows 2000/XP/2003 computer from surfing on the Internet?
http://www.petri.co.il/block_web_browsing_with_ipsec.htm

Internet Explorer Administration Kit (IEAK) 6 SP1 enables the most cost-effective and efficient way to deploy and manage Web-based solutions.
http://www.microsoft.com/windows/ieak/default.mspx
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11803874
if your serious about going down the firewall route..

Hardware Firewalls

Cisco PIX
http://www.cisco.com/go/pix
The world-leading Cisco PIX® Security Appliance Series provides robust, enterprise-class, integrated network security services including stateful inspection firewalling, protocol and application inspection, virtual private networking (VPN), in-line intrusion protection, and rich multimedia and voice security-in cost-effective, easy-to-deploy solutions.

SonicWall
http://www.sonicwall.com/
SonicWALL Internet firewall/VPN security appliances support an array of security applications and deliver powerful firewall and VPN performance. SonicWALL appliances are built on stateful inspection firewall technology, and a dedicated security ASIC designed to ensure maximum performance for VPN enabled applications.

3Com
http://www.3com.com/prod/en_EU_EMEA/prodlist.jsp?tab=cat&cat=134482&subcat=134490
3Com perimeter firewalls and website filters cost-efficiently secure Internet access and give IT managers a critical first line of defence against network attacks and unauthorized access. For protecting the perimeter of your network, choose the 3Com® SuperStack® 3 Firewall for enterprise

NetGear
http://www.netgear.com/products/routers/firewallvpn.asp


set your firewall to allow TCP (Port 80) traffic to the two URL's you require and BLOCK port 80 to all other IP's

allow
Name:    oag.com
Address:  198.80.15.75

and

Name:    sabre.com
Address:  151.193.182.43

then block trafic outbound to everyone else
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11803883
just noticed the EMail bit

for EMail access you need to find out weather your EMail runs over SMTP (TCP port 25) or POP (TCP Port 110) then allow those ports outbound to the EMail server you use
0
Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

 
LVL 1

Author Comment

by:techcity
ID: 11804334
Thanks a lot for the prompt reply Petelong
Your posts are very knowledgeble. I will spend some time studying them and comment back later

Thanks again

Jack
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11804459
:)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 11807771
does the user has admin rights on the laptop?
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question