Solved

blocking / redirecting office users from certain websites

Posted on 2006-11-01
10
229 Views
Last Modified: 2010-03-18
we have a few users that visit a few time wasting websites in the office and i would to somehow block those sites or redirect them to other sites. we have a basic  windows 2003 domain with a sonic wall firewall and a cisco 1700 router provided by our isp.
what would be the best / easiest way to do this? can it be done using their hosts file?
should it be done on the router instead?
-pH
0
Comment
Question by:-pH
  • 5
  • 4
10 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17852065
You can easily add an entry to the hosts file such as
127.0.0.1  some.website.com
If you have numerous users, that could be updated by adding a couple of lines to the user's logon script, but if the Sonicwall has the capabilities of blocking sites or domains, that would be easier to centrally manage.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17852121
Filtering Internet access

*****Method one******
Pro's EASY TO DO.    CON's NOT GOOD FOR LOTS OF CLIENTS.

How you approach this depends on how many users you are talking about, if its just a few users, the simplest way is to modify the host file on each PC and put an entry in it for each domain you DONT want the users to access and point them to 127.0.0.1 (you can edit the hostile with notepad or this, http://members.shaw.ca/techcd/VB_Projects/HostsFileReader.exe
For example to block www.hotmail.com add this line to the end of the host file.

127.0.0.1     www.hotmail.com

NB in win 95/98/ME the host file is at C:\windows\hosts.sam (save it WITHOUT the. Sam extension and reboot)
In windows 2000 the host file is at C:\winnt\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)
In Windows XP the host file is at C:\windows\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)

*****Method Two*****
Pro's Easy to administer. CON's Expensive & NOT PRACTICAL FOR HOME USERS.

Give all your clients access to the Internet via a Proxy Server than can filter and block websites.
ISA Server http://www.microsoft.com/isaserver/
WinProxy http://www.winproxy.com/index.asp

*****Method Three*****
Pro's Very scalable from home user to businesses.  CON's Can Be Expensive

Use some third party software to do it for you.

Home Users see
Net Nanny http://store.netnanny.com/dr/v2/ec_dynamic.main?sp=1&pn=12&sid=53
Cyber Sitter http://www.cybersitter.com/
Home users/Small business's See
CyberPatrol http://www.cyberpatrol.com/
iProtectYou 3.01 http://www.download.com/iProtectYou/3000-2132_4-10137322.html?tag=lst-0-2 (FREEWARE)

Business's See
WebSense http://www.websense.com/
WebMarshal http://www.nwtechusa.com/webmarshal.php?iorb=4764&sc=106

*****Other options*****
How do I use IPSec IP filter lists?
http://www.jsifaq.com/subj/tip4500/rh4554.htm

How can I block a Windows 2000/XP/2003 computer from surfing on the Internet?
http://www.petri.co.il/block_web_browsing_with_ipsec.htm

Internet Explorer Administration Kit (IEAK) 6 SP1 enables the most cost-effective and efficient way to deploy and manage Web-based solutions.
http://www.microsoft.com/windows/ieak/default.mspx
0
 
LVL 1

Author Comment

by:-pH
ID: 17852540
its only a couple users that need to be regulated.
i tried editing the host file last night before posting this and it didn't work so i thought i may had done it worng. i just tried again and still nothing. i logged out and back in and again nothing.
any ideas?
host is not saved as a .txt
the entry is 127.0.0.1           www.match.com
i have tried  127.0.0.1           match.com      also to no avail.
-pH

0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 17852680
Hosts file has a few "oddities".
After entering your line such as    127.0.0.1     www.match.com    make sure you hit return (carriage return), and save without an extension, though it seems you have done this.
Then you can try purging and re-loading your name cache, using:
nbtstat  -R
and then viewing the updated cache using:
nbtstat  -c
Note 'R' and 'c' are case sensitive.
0
 
LVL 1

Author Comment

by:-pH
ID: 17852767
i tried that, but again it didn't work.
is it necessary to do a complete restart on the machine?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 17853183
>>"is it necessary to do a complete restart on the machine?"
No, not at all. actually I apologize nbtstat will only reload/display local NetBIOS names.
I just did a test with www.google.com and it required no reloading, restarting, or log off. You can view the list of cached DNS names and IP's with
ipconfig  /displaydns
and flush with
ipconfig  /flushdns

I assume you are using the existing hosts file in the default location and not creating a new one somewhere else ?
c:\windows\system32\drivers\etc\hosts
0
 
LVL 1

Author Comment

by:-pH
ID: 17853662
for some reason it is just not working. even after fluching and registering dns.
i am kinda stumped as to why it would not allow me to do this.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17853679
Have you tried it on a second machine?
0
 
LVL 1

Author Comment

by:-pH
ID: 17853983
thanks, problem was it wasn't saving properly. it would only save as a .txt no matter what i tried. all is good now.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17854084
Ah !  That would do it. If ever you have the problem again save with quotations such as "hosts"

Thanks -pH, though perhaps since you used the hosts file, points should be split with PeteLong, since he initially provided additional useful details concerning it's use.
Cheers,
--Rob
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now