Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

blocking / redirecting office users from certain websites

Posted on 2006-11-01
10
Medium Priority
?
239 Views
Last Modified: 2010-03-18
we have a few users that visit a few time wasting websites in the office and i would to somehow block those sites or redirect them to other sites. we have a basic  windows 2003 domain with a sonic wall firewall and a cisco 1700 router provided by our isp.
what would be the best / easiest way to do this? can it be done using their hosts file?
should it be done on the router instead?
-pH
0
Comment
Question by:-pH
  • 5
  • 4
10 Comments
 
LVL 78

Expert Comment

by:Rob Williams
ID: 17852065
You can easily add an entry to the hosts file such as
127.0.0.1  some.website.com
If you have numerous users, that could be updated by adding a couple of lines to the user's logon script, but if the Sonicwall has the capabilities of blocking sites or domains, that would be easier to centrally manage.
0
 
LVL 58

Expert Comment

by:Pete Long
ID: 17852121
Filtering Internet access

*****Method one******
Pro's EASY TO DO.    CON's NOT GOOD FOR LOTS OF CLIENTS.

How you approach this depends on how many users you are talking about, if its just a few users, the simplest way is to modify the host file on each PC and put an entry in it for each domain you DONT want the users to access and point them to 127.0.0.1 (you can edit the hostile with notepad or this, http://members.shaw.ca/techcd/VB_Projects/HostsFileReader.exe
For example to block www.hotmail.com add this line to the end of the host file.

127.0.0.1     www.hotmail.com

NB in win 95/98/ME the host file is at C:\windows\hosts.sam (save it WITHOUT the. Sam extension and reboot)
In windows 2000 the host file is at C:\winnt\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)
In Windows XP the host file is at C:\windows\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)

*****Method Two*****
Pro's Easy to administer. CON's Expensive & NOT PRACTICAL FOR HOME USERS.

Give all your clients access to the Internet via a Proxy Server than can filter and block websites.
ISA Server http://www.microsoft.com/isaserver/
WinProxy http://www.winproxy.com/index.asp

*****Method Three*****
Pro's Very scalable from home user to businesses.  CON's Can Be Expensive

Use some third party software to do it for you.

Home Users see
Net Nanny http://store.netnanny.com/dr/v2/ec_dynamic.main?sp=1&pn=12&sid=53
Cyber Sitter http://www.cybersitter.com/
Home users/Small business's See
CyberPatrol http://www.cyberpatrol.com/
iProtectYou 3.01 http://www.download.com/iProtectYou/3000-2132_4-10137322.html?tag=lst-0-2 (FREEWARE)

Business's See
WebSense http://www.websense.com/
WebMarshal http://www.nwtechusa.com/webmarshal.php?iorb=4764&sc=106

*****Other options*****
How do I use IPSec IP filter lists?
http://www.jsifaq.com/subj/tip4500/rh4554.htm

How can I block a Windows 2000/XP/2003 computer from surfing on the Internet?
http://www.petri.co.il/block_web_browsing_with_ipsec.htm

Internet Explorer Administration Kit (IEAK) 6 SP1 enables the most cost-effective and efficient way to deploy and manage Web-based solutions.
http://www.microsoft.com/windows/ieak/default.mspx
0
 
LVL 1

Author Comment

by:-pH
ID: 17852540
its only a couple users that need to be regulated.
i tried editing the host file last night before posting this and it didn't work so i thought i may had done it worng. i just tried again and still nothing. i logged out and back in and again nothing.
any ideas?
host is not saved as a .txt
the entry is 127.0.0.1           www.match.com
i have tried  127.0.0.1           match.com      also to no avail.
-pH

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 78

Expert Comment

by:Rob Williams
ID: 17852680
Hosts file has a few "oddities".
After entering your line such as    127.0.0.1     www.match.com    make sure you hit return (carriage return), and save without an extension, though it seems you have done this.
Then you can try purging and re-loading your name cache, using:
nbtstat  -R
and then viewing the updated cache using:
nbtstat  -c
Note 'R' and 'c' are case sensitive.
0
 
LVL 1

Author Comment

by:-pH
ID: 17852767
i tried that, but again it didn't work.
is it necessary to do a complete restart on the machine?
0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 17853183
>>"is it necessary to do a complete restart on the machine?"
No, not at all. actually I apologize nbtstat will only reload/display local NetBIOS names.
I just did a test with www.google.com and it required no reloading, restarting, or log off. You can view the list of cached DNS names and IP's with
ipconfig  /displaydns
and flush with
ipconfig  /flushdns

I assume you are using the existing hosts file in the default location and not creating a new one somewhere else ?
c:\windows\system32\drivers\etc\hosts
0
 
LVL 1

Author Comment

by:-pH
ID: 17853662
for some reason it is just not working. even after fluching and registering dns.
i am kinda stumped as to why it would not allow me to do this.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 17853679
Have you tried it on a second machine?
0
 
LVL 1

Author Comment

by:-pH
ID: 17853983
thanks, problem was it wasn't saving properly. it would only save as a .txt no matter what i tried. all is good now.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 17854084
Ah !  That would do it. If ever you have the problem again save with quotations such as "hosts"

Thanks -pH, though perhaps since you used the hosts file, points should be split with PeteLong, since he initially provided additional useful details concerning it's use.
Cheers,
--Rob
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question