Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Program Blockers

Posted on 2004-09-06
10
411 Views
Last Modified: 2011-09-20
My company is looking for a program we can install on our server that will block the employee workstations from accessing different websites, ICQ, Yahoo, MSN and music downloads.
We are looking fro a program that is configurable so we can decide what they access and what they do not.

Thanks Scott
0
Comment
Question by:scotthoule
10 Comments
 
LVL 4

Accepted Solution

by:
Evarest earned 45 total points
ID: 11990845
To block websites, you might try

http://www.netnanny.com/

Am not sure whether it's applicable for networks.

To block specific programs, you can try ProcAlert Pro:

http://www.esat.kuleuven.ac.be/~eschoofs/ProcAlert

Evarest
0
 
LVL 31

Assisted Solution

by:moorhouselondon
moorhouselondon earned 41 total points
ID: 11991692
A firewall will do the trick, choice depends on many factors: what network you have etc.  It is impossible to prevent access to all sites you would wish people not to see, but if it is made known that your company will be using a program that logs traffic then this combination will reduce undesirable traffic.  Many here will have better knowledge of which is best for your circumstances.

Some programs have a facility to add 'forbidden' words.  If one of these words or phrases occurs in the data stream then it can deny access to whatever it was that was being accessed.  Useful for checking if your credit card number is being thieved for example.  However, go easy on the forbidden words, one of my clients is a business centre and they had a ban on the word 'cock'.  Whoever set this up was not informed that one of the companies on the premises is a plumber!

You need to consider whether certain people in the organisation are permitted to use certain forbidden facilities.  This will complicate the way the firewall is set up.
0
 
LVL 3

Assisted Solution

by:SBPCGuru
SBPCGuru earned 41 total points
ID: 11992728
Most cable/dsl routers now have a function where you can block access to certain websites.
It will also keep a log for sites you will need to block in the future.
I saw this on a NetGear wireless, but not sure if Linksys or DLink has this feature.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 6

Assisted Solution

by:acmp
acmp earned 41 total points
ID: 11994775
The industry leader is SurfControl. It's not cheap.

You canget a demo version from their website (http://www.surfcontrol.com/). The logs make interesting viewing as you can see everything that people have done over the internet.

It has very powerful rules that let you decide exactly how and what to control.

acmp<><
0
 
LVL 5

Assisted Solution

by:OverSeer
OverSeer earned 41 total points
ID: 12030203
http://www.websense.com. A very good program and centrally located so you don't go to each desktop...
0
 

Assisted Solution

by:RoyInTexas
RoyInTexas earned 41 total points
ID: 12206690
How about a free solution?

When your browser wants to connect to a website, it must first translate the english url to an numeric IP address.  It does this by connecting to a "URL to IP" address look up or translation server called a DNS(Domain Name Server).  It's kind of like looking up someones phone number in a  phone book.   You know look up thier English name and then you get their phone number.
 
So what you do is block this look up mechanism. To do this, you tell your bowser to look up the english url names locally from a file stored  on your PC first before it attemps to connect to the DNS server. And this file will contain the wrong IP address for the sight you want to block.  So if they have the wrong IP address(like a wrong phone number), they won't be able to connect to the desired website.
 
There is a special internet address called the loop back address which is predefiend to send all Internet requests back to the originating PCs.  It's called the loop back address.  It is 127.0.0.1.   Now that you know what the loop back address is, you setup your local look up file to give your browser the loop back address for any website you want blocked.  So no instead of connecting to a given website, they just connect to themselves.

 
When Internet Explorer attempts to look up a website's IP address from a DNS server, it first checks to see if there is a local address book first.  This local address book is called "Hosts". It has no extension and usually resides in your Windows\System 32 directory.  If it exists, IE will look up the address there first before it asks the DNS server for the IP address.  If the URL exits in the HOSTS file, IE will use that defined IP address for the one it will use to try connect with.  So now all you have to do is set up  your lists of websites to go to the loop back address instead of the intended website.
   

You either open (or create the Hosts it if it does not exist) with Word pad(don't use notepad because it will save the file with a .txt extension.  If you must use notepad, edit the file name such that it does not contain the extension).    

The first line in the Hosts file must be:
127.0.0.1  localhost

Now you can add any website you want after that:

127.0.0.1    localhost
127.0.0.1    www.Yahoo.com
127.0.0.1    www.PervertsRUs.com
127.0.0.1    www. AnyWebsiteYouWant.com

If you don't want to spend spend a lot of time creating a hosts file, there are tons of them on the Internet.  Just make sure you have Win Zip 9 SR-1 loaded on your machine to protect yourself from the known Zip file secuirty bug or just download a Hosts file from a trusted website.

Note that any line that begins with a "#" is a comment.  So lets say you wanted to temporarily unblock a webiste, you just put a # in front of it.  For example, lets say I wanted to unbock Yahoo, I would do it like this:

127.0.0.1    localhost
#127.0.0.1    www.Yahoo.com
127.0.0.1    www.PervertsRUs.com
127.0.0.1    www. AnyWebsiteYouWant.com

No every time you try to connect to yahoo, IE will get the correct address from the DNS server instea of the Hosts file.

The really slick thing with this blocking mechanism is that you can now block any add server you want.  How about surfing with no adds? Pretty cool for those folks who are still stuck with a dial up connection. Saves lots of time if you don't have to wait for all those mega bit graphial adds to load.

If you are using a different browser(which I would recommend for any business because of all the security holes in IE), the process is similar but a little more complicated.
 
For further reading, go to the following URL:
http://www.mvps.org/winhelp2002/hosts.htm
0
 
LVL 6

Expert Comment

by:acmp
ID: 12398668
There are several good suggestions that could solve the problem.

Maybe a split would be in order.

acmp<><
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Driver Problem 12 94
mobile app idea 17 88
wireless name in LAN adapter 14 69
Problem: Word 2016 cannot import a .vsdx created with Visio 2013 6 54
This article describes how to use the timestamp of existing data in a database to allow Tableau to calculate the prior work day instead of relying on case statements or if statements to calculate the days of the week.
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question