Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

url filtering

Posted on 2006-11-05
7
Medium Priority
?
2,620 Views
Last Modified: 2008-01-09
What is the best free solution to provide access to only a select set of websites like a white list.  Our office currently uses a WebRamp (RampNetworks was purchased by Nokia and later shut down).  It is limited to 255 allowed addresses.  I was looking at using IPCop with the URL Filter add on.  I'm comfortable with installing a router package like those and M0n0wall, but probably wouldn't make it through manually configuring Squid or the like.  Thoughts on Redwall fireall, pfSense, Smoothwall?  Any insight would be great.  Thanks.
0
Comment
Question by:mhab12
  • 3
  • 3
7 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 900 total points
ID: 17878267
Do you have a Windows server and do you have an internal DNS?
An internal DNS server is the simplest solution. Don't add forwarders or root hints, just add records for those individual sites that you want to connect to. Block outbound dns at the router.
What type of WAN connection do you have? Many routers like Linksys have this capability to set up a white list.
0
 

Author Comment

by:mhab12
ID: 17878303
We do run a Windows DNS server, however the issue is that certain clients use a different default gateway to have unrestricted access while others use this gateway to receive only filtered access.  Both groups of clients use the same DNS server for local name resolution, and right now for WAN name resolution as well.

More of my current situation is in a another question...
http://www.experts-exchange.com/Networking/Q_22049832.html
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17878369
A 2nd DNS server would be simple to set up. One to serve only the restricted users.

Any Windows server or any Linux box would work.
0
Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

 

Author Comment

by:mhab12
ID: 17878442
What would be the situation with an unrestricted client from DNS1 trying to access a restricted DHCP client from DNS2 or vice versa?  Currently records are created via DHCP or by Windows clients (register this connection's address in DNS).  I really like your solution and can't believe how easy it would be to administer.  Talk me through how the two DNS databases could be synced or otherwise communicate.
0
 

Author Comment

by:mhab12
ID: 17878950
Another thought...would these entries in the filtering DNS server be static?  Would I have to update them whenever the target IP of a given URL actually changed?
0
 
LVL 13

Assisted Solution

by:prashsax
prashsax earned 600 total points
ID: 17885067
You can use a proxy server. If you want you can buy WinProxy. It has URL filtering support.

If you don't want to buy one, then you can try SquidNT. Its a squid proxy server for Windows Platform.
And you can configure it to do the URL filtering.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17886803
That's one problem with a white list. It's a manual process and urls and ips are always subject to change.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question