?
Solved

Setting up a proxy in IE 6 to block internal IP addresses from users

Posted on 2004-09-02
4
Medium Priority
?
866 Views
Last Modified: 2013-12-04
I need to block all intranet traffic from users on a local machine basis in IE 6.  Currently I am running Windows XP SP2 with IE6.  I have tried setting the LAN Settings to Use a Proxy Server, address 127.0.0.1 on port 80, (in Advanced) Use the same proxy for all protocols and inputted www.*.com as an exception.  My only problem is that I cannot view any graphics or info stored on say cnn's local intranet.  Is this possible to do on a local machine or is there another solution to do on a local machine that would produce the same results?
0
Comment
Question by:aikane78759
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 11983275
The problem with only putting in www.*.com is that most webpages have multiple servers that handle webpages.  In CNN.com for instance, if you look at the source of the page, you will see that it is grabbing some information from http://i.cnn.net/...  etc.  Most, if not all, major webpages do this to loadbalance, optimize storage, etc.  To see what I am talking about, type in "www.*.com;*.cnn.net" (without quotes and leave the semi-colon) into the exceptions list.  You will see that the pictures come up when you load www.cnn.com now.

Your method of blocking is nice and simple but it will become a large headache when you realize that even for a simple page like www.cnn.com, there are several other servers you need to list as well to get all the graphics, javascript, or anything else that the webpage needs.

The simplest way that I can think of is to setup a real proxy server.  Then configure it to allow all webpages while blocking some - as opposed to blocking all and allowing some.
0
 

Author Comment

by:aikane78759
ID: 12028753
Unfortunately, I do not have access to a proxy server.  All of this had to be done on the local machine.  I did, however, set the IE proxy to do what I wanted.  Below is my documentation:


Go to Start-->Run-->type regedit
Navigate to HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings and look for string value ProxyOverride or any key associate with proxy and deleted it (right click-->delete)

Close registry editor


Settings in local Group Policy to change

--Go to Start-->Run-->gpedit.msc-->OK

--Under Computer Configuration-->Administrative Template-->Windows Components-->Internet Explorer

--Make proxy settings per machine (rather than per user) to enable  


--Right click IE and go to properties-->Connections-->LAN Settings

-- Check “Use proxy server for your LAN”
--input 127.0.0.1 for address and 80 for port
      --Select advanced --> after HTTP:  input 127.0.0.1 for address and 80 for port (if not already there)
      --Check box at bottom for “Use the same proxy server for all protocol (if not checked)      

      --Under exceptions:
            Input --> http://*.*; http://*.*.*; http://*.*.*.*; http://*.*.*.*.*; https//*.*; https://*.*.*; https://*.*.*.* https://*.*.*.*.*
      --Select OK and select ok again to go back to internet properties page
                        
-Under the Security Tab
-- highlight local intranet-->click the Sites tab-->Check “Include all local (intranet) sites not listed in other zones” and check the “Include all sites that bypass the  proxy server”  (The last check box should be clear).

--Go to the Advanced tab make sure the “Require server verification (https:) for all sites in this zone is checked
--Select OK, select OK again
--highlight the Restricted sites -->select the Sites tab-->in the Add this Web site to the zone: input the following
      --http://*.company.intranet.company.com
      --http://*.company.intranet.com
      --*.company.intranet.com
--Select OK and OK again to exit the Internet Options box

Settings in local Group Policy to change

--Go to Start-->Run-->gpedit.msc-->OK

--Under Computer Configuration-->Administrative Template-->Windows Components-->Internet Explorer

      --Change-->Security Zones: Do not allow users to change policies to enable

--Under User Configuration-->Administrative Template-->Windows Components-->Internet Explorer-->Internet Control Panel

      --Change all settings to enable
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 12058027
Closed, 250 points refunded.
CetusMOD
Community Support Moderator
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses
Course of the Month10 days, 22 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question