Solved

url filtering

Posted on 2006-11-05
7
2,599 Views
Last Modified: 2008-01-09
What is the best free solution to provide access to only a select set of websites like a white list.  Our office currently uses a WebRamp (RampNetworks was purchased by Nokia and later shut down).  It is limited to 255 allowed addresses.  I was looking at using IPCop with the URL Filter add on.  I'm comfortable with installing a router package like those and M0n0wall, but probably wouldn't make it through manually configuring Squid or the like.  Thoughts on Redwall fireall, pfSense, Smoothwall?  Any insight would be great.  Thanks.
0
Comment
Question by:mhab12
  • 3
  • 3
7 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 300 total points
ID: 17878267
Do you have a Windows server and do you have an internal DNS?
An internal DNS server is the simplest solution. Don't add forwarders or root hints, just add records for those individual sites that you want to connect to. Block outbound dns at the router.
What type of WAN connection do you have? Many routers like Linksys have this capability to set up a white list.
0
 

Author Comment

by:mhab12
ID: 17878303
We do run a Windows DNS server, however the issue is that certain clients use a different default gateway to have unrestricted access while others use this gateway to receive only filtered access.  Both groups of clients use the same DNS server for local name resolution, and right now for WAN name resolution as well.

More of my current situation is in a another question...
http://www.experts-exchange.com/Networking/Q_22049832.html
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17878369
A 2nd DNS server would be simple to set up. One to serve only the restricted users.

Any Windows server or any Linux box would work.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:mhab12
ID: 17878442
What would be the situation with an unrestricted client from DNS1 trying to access a restricted DHCP client from DNS2 or vice versa?  Currently records are created via DHCP or by Windows clients (register this connection's address in DNS).  I really like your solution and can't believe how easy it would be to administer.  Talk me through how the two DNS databases could be synced or otherwise communicate.
0
 

Author Comment

by:mhab12
ID: 17878950
Another thought...would these entries in the filtering DNS server be static?  Would I have to update them whenever the target IP of a given URL actually changed?
0
 
LVL 13

Assisted Solution

by:prashsax
prashsax earned 200 total points
ID: 17885067
You can use a proxy server. If you want you can buy WinProxy. It has URL filtering support.

If you don't want to buy one, then you can try SquidNT. Its a squid proxy server for Windows Platform.
And you can configure it to do the URL filtering.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17886803
That's one problem with a white list. It's a manual process and urls and ips are always subject to change.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
FTP output from Wireshak 6 50
Device same like our heart 12 47
Nic to NIC 5 46
Use of Training Budget 12 69
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now