Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Internet Access Using White List Only

Posted on 2004-10-07
9
Medium Priority
?
441 Views
Last Modified: 2013-12-04
Hi all,

I'd like to limit internet access on one of my office computers to a list that I define ("white list").  I know there are a couple programs that do this and more (spectorsoft), but I'm looking for something that does only this .... the browser on the computer is IE 6.0, and I'm not concerned about blocking other applications other than IE 6.0.

The OS is Win 2000 PRO.

Thanks in advance for your help.

B.
0
Comment
Question by:bmelnick
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
9 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 1000 total points
ID: 12251298
Filtering Internet access

*****Method one******
Pro's EASY TO DO.    CON's NOT GOOD FOR LOTS OF CLIENTS.

How you approach this depends on how many users you are talking about, if its just a few users, the simplest way is to modify the host file on each PC and put an entry in it for each domain you DONT want the users to access and point them to 127.0.0.1 (you can edit the hostile with notepad or this, http://members.shaw.ca/techcd/VB_Projects/HostsFileReader.exe
For example to block www.hotmail.com add this line to the end of the host file.

127.0.0.1     www.hotmail.com

NB in win 95/98/ME the host file is at C:\windows\hosts.sam (save it WITHOUT the. Sam extension and reboot)
In windows 2000 the host file is at C:\winnt\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)
In Windows XP the host file is at C:\windows\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)

*****Method Two*****
Pro's Easy to administer. CON's Expensive & NOT PRACTICAL FOR HOME USERS.

Give all your clients access to the Internet via a Proxy Server than can filter and block websites.
ISA Server http://www.microsoft.com/isaserver/
WinProxy http://www.winproxy.com/index.asp

*****Method Three*****
Pro's Very scalable from home user to businesses.  CON's Can Be Expensive

Use some third party software to do it for you.

Home Users see
Net Nanny http://store.netnanny.com/dr/v2/ec_dynamic.main?sp=1&pn=12&sid=53
Cyber Sitter http://www.cybersitter.com/
Home users/Small business's See
CyberPatrol http://www.cyberpatrol.com/
Business's See
WebSense http://www.websense.com/
WebMarshal http://www.nwtechusa.com/webmarshal.php?iorb=4764&sc=106

*****Other options*****
How do I use IPSec IP filter lists?
http://www.jsifaq.com/subj/tip4500/rh4554.htm

How can I block a Windows 2000/XP/2003 computer from surfing on the Internet?
http://www.petri.co.il/block_web_browsing_with_ipsec.htm

Internet Explorer Administration Kit (IEAK) 6 SP1 enables the most cost-effective and efficient way to deploy and manage Web-based solutions.
http://www.microsoft.com/windows/ieak/default.mspx
0
 

Author Comment

by:bmelnick
ID: 12251633
Method one is the closest, just in reverse of what I'm hoping for.

A lot of the options in Method 3 I'm familiar with, however I would like something not as robust as those options.

B
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 1000 total points
ID: 12253403
all you have to do is go to the computers network card configuration and do not list any DNS server.  That way whenver the user types in www.google.com for example, there will be no DNS server to resolve www.google.com to google's IP address.

as far as the part about letting the user get to SOME sites (or your local servers)  all you have to do is edit the hosts file and manually put in the DNS names and correct IP addresses of the sites/servers.  

The host file is located at:  C:\windows\system32\drivers\etc\  open the file hosts with notepad and edit it.

0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 

Author Comment

by:bmelnick
ID: 12253815
Mike,

So, correct me if I'm wrong ....

Remove DNS server settings from the TCP/IP settings.  This will only enable people to type in the actual IP address for the website they are searching for (not a big concern as I'm dealing with computer retarded people.

Then edit the hosts file and put in eg:
64.233.167.99      www.google.ca


I assume this will affect all programs that use the internet (MSN Messenger, mySQL accessing a remote location, etc ...)

Thanks,
B
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12256566
correct
correct
correct = and domains if you have them

:)
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12258032
as pete said,, that is correct
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question