How can I block some webites (Facebook.com) form being accessed by all network users within a Windows server 2003 domain?

Hi,

I need to know how can I go about blocking some users within a Windos server 2003 domain to access and view some websites in particular www.facebook.com? However I would like if possible to allow those users to access those blocked websites but only one or two hours a day.
I have a windows server 2003 with DNS and DHCP installed.
Can I configure DNS on the server in order to archive that?
I do not want to configure each computer manually!
WLMNAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
Go into your local DNS server, create a new zone called facebook.com, then create a new A record in that zone for host www and give it an ip address on your local LAN.
As long as local clients point to your DNS server they will never get a proper name resolution for www.facebook.com. Some users may be smart enough to figure out the IP address on their own and still be able to go directly to the IP address. To get around that, block the IP at the firewall.
0
 
felnyCommented:
Here there are a couple of software that could help you.

In your case, i would prefer surfcontrol. It is a good one, and ease to manag.

http://www.surfcontrol.com/
http://www.microsoft.com/isaserver/default.mspx
0
 
lrmooreCommented:
Create a bogus dns zone for facebook.com and an A record for www pointing to a local IP address that does not have a web server running.
Quick and dirty, zero cost.

0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
WLMNAuthor Commented:
Hi,
How can I create a Bogus DNS zone for facebook.com and an A record record for www pointing to a local IP Address?
0
 
WLMNAuthor Commented:
Hi,
If the IP Address of www.facebook.com is blocked on the firewall or internet router, What is the point is creating a DNS zone?
0
 
lrmooreCommented:
The IP's can change, the name won't.
Only the most saavy users will find a way around it and if you have that many saavy users and this is a problem, then you need to look at alternatives like a web content filter.
0
 
WLMNAuthor Commented:
Hi,
Thanks for the above answers.
ok...I understand you now..
I will try that and let you know abot the outcome!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.