• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

blocking / redirecting office users from certain websites

we have a few users that visit a few time wasting websites in the office and i would to somehow block those sites or redirect them to other sites. we have a basic  windows 2003 domain with a sonic wall firewall and a cisco 1700 router provided by our isp.
what would be the best / easiest way to do this? can it be done using their hosts file?
should it be done on the router instead?
  • 5
  • 4
1 Solution
Rob WilliamsCommented:
You can easily add an entry to the hosts file such as  some.website.com
If you have numerous users, that could be updated by adding a couple of lines to the user's logon script, but if the Sonicwall has the capabilities of blocking sites or domains, that would be easier to centrally manage.
Pete LongTechnical ConsultantCommented:
Filtering Internet access

*****Method one******

How you approach this depends on how many users you are talking about, if its just a few users, the simplest way is to modify the host file on each PC and put an entry in it for each domain you DONT want the users to access and point them to (you can edit the hostile with notepad or this, http://members.shaw.ca/techcd/VB_Projects/HostsFileReader.exe
For example to block www.hotmail.com add this line to the end of the host file.     www.hotmail.com

NB in win 95/98/ME the host file is at C:\windows\hosts.sam (save it WITHOUT the. Sam extension and reboot)
In windows 2000 the host file is at C:\winnt\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)
In Windows XP the host file is at C:\windows\system32\drivers\etc\hosts (you can edit directly and NO reboot is required)

*****Method Two*****
Pro's Easy to administer. CON's Expensive & NOT PRACTICAL FOR HOME USERS.

Give all your clients access to the Internet via a Proxy Server than can filter and block websites.
ISA Server http://www.microsoft.com/isaserver/
WinProxy http://www.winproxy.com/index.asp

*****Method Three*****
Pro's Very scalable from home user to businesses.  CON's Can Be Expensive

Use some third party software to do it for you.

Home Users see
Net Nanny http://store.netnanny.com/dr/v2/ec_dynamic.main?sp=1&pn=12&sid=53
Cyber Sitter http://www.cybersitter.com/
Home users/Small business's See
CyberPatrol http://www.cyberpatrol.com/
iProtectYou 3.01 http://www.download.com/iProtectYou/3000-2132_4-10137322.html?tag=lst-0-2 (FREEWARE)

Business's See
WebSense http://www.websense.com/
WebMarshal http://www.nwtechusa.com/webmarshal.php?iorb=4764&sc=106

*****Other options*****
How do I use IPSec IP filter lists?

How can I block a Windows 2000/XP/2003 computer from surfing on the Internet?

Internet Explorer Administration Kit (IEAK) 6 SP1 enables the most cost-effective and efficient way to deploy and manage Web-based solutions.
-pHAuthor Commented:
its only a couple users that need to be regulated.
i tried editing the host file last night before posting this and it didn't work so i thought i may had done it worng. i just tried again and still nothing. i logged out and back in and again nothing.
any ideas?
host is not saved as a .txt
the entry is           www.match.com
i have tried           match.com      also to no avail.

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Rob WilliamsCommented:
Hosts file has a few "oddities".
After entering your line such as     www.match.com    make sure you hit return (carriage return), and save without an extension, though it seems you have done this.
Then you can try purging and re-loading your name cache, using:
nbtstat  -R
and then viewing the updated cache using:
nbtstat  -c
Note 'R' and 'c' are case sensitive.
-pHAuthor Commented:
i tried that, but again it didn't work.
is it necessary to do a complete restart on the machine?
Rob WilliamsCommented:
>>"is it necessary to do a complete restart on the machine?"
No, not at all. actually I apologize nbtstat will only reload/display local NetBIOS names.
I just did a test with www.google.com and it required no reloading, restarting, or log off. You can view the list of cached DNS names and IP's with
ipconfig  /displaydns
and flush with
ipconfig  /flushdns

I assume you are using the existing hosts file in the default location and not creating a new one somewhere else ?
-pHAuthor Commented:
for some reason it is just not working. even after fluching and registering dns.
i am kinda stumped as to why it would not allow me to do this.
Rob WilliamsCommented:
Have you tried it on a second machine?
-pHAuthor Commented:
thanks, problem was it wasn't saving properly. it would only save as a .txt no matter what i tried. all is good now.
Rob WilliamsCommented:
Ah !  That would do it. If ever you have the problem again save with quotations such as "hosts"

Thanks -pH, though perhaps since you used the hosts file, points should be split with PeteLong, since he initially provided additional useful details concerning it's use.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now