Solved

url filtering

Posted on 2006-11-05
7
2,608 Views
Last Modified: 2008-01-09
What is the best free solution to provide access to only a select set of websites like a white list.  Our office currently uses a WebRamp (RampNetworks was purchased by Nokia and later shut down).  It is limited to 255 allowed addresses.  I was looking at using IPCop with the URL Filter add on.  I'm comfortable with installing a router package like those and M0n0wall, but probably wouldn't make it through manually configuring Squid or the like.  Thoughts on Redwall fireall, pfSense, Smoothwall?  Any insight would be great.  Thanks.
0
Comment
Question by:mhab12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 300 total points
ID: 17878267
Do you have a Windows server and do you have an internal DNS?
An internal DNS server is the simplest solution. Don't add forwarders or root hints, just add records for those individual sites that you want to connect to. Block outbound dns at the router.
What type of WAN connection do you have? Many routers like Linksys have this capability to set up a white list.
0
 

Author Comment

by:mhab12
ID: 17878303
We do run a Windows DNS server, however the issue is that certain clients use a different default gateway to have unrestricted access while others use this gateway to receive only filtered access.  Both groups of clients use the same DNS server for local name resolution, and right now for WAN name resolution as well.

More of my current situation is in a another question...
http://www.experts-exchange.com/Networking/Q_22049832.html
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17878369
A 2nd DNS server would be simple to set up. One to serve only the restricted users.

Any Windows server or any Linux box would work.
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 

Author Comment

by:mhab12
ID: 17878442
What would be the situation with an unrestricted client from DNS1 trying to access a restricted DHCP client from DNS2 or vice versa?  Currently records are created via DHCP or by Windows clients (register this connection's address in DNS).  I really like your solution and can't believe how easy it would be to administer.  Talk me through how the two DNS databases could be synced or otherwise communicate.
0
 

Author Comment

by:mhab12
ID: 17878950
Another thought...would these entries in the filtering DNS server be static?  Would I have to update them whenever the target IP of a given URL actually changed?
0
 
LVL 13

Assisted Solution

by:prashsax
prashsax earned 200 total points
ID: 17885067
You can use a proxy server. If you want you can buy WinProxy. It has URL filtering support.

If you don't want to buy one, then you can try SquidNT. Its a squid proxy server for Windows Platform.
And you can configure it to do the URL filtering.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17886803
That's one problem with a white list. It's a manual process and urls and ips are always subject to change.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses
Course of the Month7 days, 9 hours left to enroll

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question