Solved

Restrict access to all websites using the hosts file

Posted on 2006-12-01
4
504 Views
Last Modified: 2008-02-01
I need to restrict access to all websites except a few internal sites on a terminal server.

Is it possible to do this using the host file?  Is there wildcard I can use to direct all sites to loopback?
0
Comment
Question by:lou6150
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
nitsud01 earned 400 total points
ID: 18056502
There are a ton of ways.... One easy way to accomplish this....

For each computer that requires web access restriction....

Assign the computer an IP addresses within a predetermined "web restriction" scope (IP range) This will make it easier to specify the computers that you need to restrict in your firewall....
For instance... On my network, any IP addresses below 10.10.209.100 (ie 10.10.209.2-10.10.209.99) have internet access, all ip addresses above, do not... (i.e. 10.10.209.100-10.10.209.254)...

Block outgoing port 80 traffic in your router/firewall for the scope of ip addresses you've reserved for web restriction addresses...

If you have a linksys router, you'll need to use the "Blocked Services" section in the router web admin app....

Hope that helps...
0
 

Author Comment

by:lou6150
ID: 18056827
Unfortunately we have limitations which prevents me from doing most of those suggestions.

Intstead I simply put in bad DNS server addresses, created entries in the host file for the sites we need.

Thank you for your help though.
0
 
LVL 2

Expert Comment

by:nitsud01
ID: 18057227
No problem.... but, do you mean that you put "bad" DNS server addresses in the TCP/IP properties of the domain client's (terminal server's) NIC? or did you make changes to the DNS server's records themselves?

Though the solution you posted may achieve your goal, you will likely run into problems later if your DNS properties in your domain client's NICs do not point to the Primary DC or whatever server is running DNS... Slow logon/logoff times, intermittent script execution, among a billion other things, will be symptomatic of DNS problems.... Let me know if you run into other problems as you may need a different solution in the future than the one you've decided on currently.

But, I sincerely hope you DO NOT have problems, and that everything works out well... Just keep in mind, if you start seeing flaky behavior after today, look to your "bad" DNS entries first.....

Thanks for the points!
0
 

Author Comment

by:lou6150
ID: 18057408
You are absolutely right.  I didn't run into any problems, but shortly after posting I ended up forcing IE and Mozilla on that server to use a proxy instead, since web browsing is the only concern.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question