Solved

Block about 3 websites

Posted on 2009-07-09
13
217 Views
Last Modified: 2013-12-08
ok, i've seen alot of questions on this but they seem old and i need to get this done.

the boss called and said to block a single user from myspace, facebook etc....

So, i went into the router, Netgear FVX538 and put her machine into a group and blocked that group from those sites via keyword blocking.  Well, that did it but the problem is that now the internet speed is greatly reduced to the point im getting lots of calls.  The user called first and then others that arent even being blocked are calling.
We are running a domain enviroment with:
DNS server
DHCP
Active Directory

0
Comment
Question by:gw6211
  • 6
  • 4
  • 3
13 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24814936
If you user does not move machine ever - modify her hosts file to include www.facebook.com and add the IP 127.0.0.1 which will ask it to search for the website on her local machine.
The hosts file is located in c:\windows\system32\drivers\etc
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24814978
Lift the firewall restriction and your life will be happier once more.
Add as many websites as you need to the hosts file.  The user will get a Site COuld Not Be Found message.
You can also remotely modify the file too - so the user is totally unaware you made any changes.
0
 
LVL 7

Expert Comment

by:namol
ID: 24815062
The host file method would be the simplest way of doing things but it could always be fixed by the user. Which version of internet explorer does the user have?
0
 

Author Comment

by:gw6211
ID: 24815070
ok, that sounds good, acutally both of you, i have never modified a host file before, so i will need some help on that if you dont  mind.
0
 

Author Comment

by:gw6211
ID: 24815096
namol, IE7 and im not so sure she is capable for one, and two, she is a RESTRICTED user from previous problems so, would a program even have the rights to change the host or get around it?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 24815123
Start Run [type] notepad \\userscomputer\c$\windows\system32\drivers\etc\hosts - this assumes you have admin rights.  If not, do this on the server.
Then simply add:
127.0.0.1   [tab]   www.facebook.com
127.0.0.1   [tab]   www.myspace.com etc.
You can set this to copy down every day in their login script to stop them overwriting it/ modifying it etc.
Sounds like namol has other options up his sleeve!
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 7

Assisted Solution

by:namol
namol earned 250 total points
ID: 24815142
If this is on XP\2000\Vista the file will be located in %SystemRoot%\system32\drivers\etc\.
On the user's pc, open this file with notepad. You'll see some examples in there like this:

#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
#Add These Lines to Block Facebook/myspace/youtube/etc
127.0.0.1 facebook.com
127.0.0.1 myspace.com
127.0.0.1 youtube.com
127.0.0.1 twitter.com

Etc
0
 

Author Comment

by:gw6211
ID: 24815181
wow, good job everyone, i need a moderator to figure out points as all of you answered.  if i select multiple soultions does it give the 500 points to all or does it spit it?
0
 
LVL 7

Expert Comment

by:namol
ID: 24815205
Since you are using active directory, another approach you can with is using Active Directory to control ipsec rules for filter or you can setup a proxy of some sort (squid/squid guard/a barracuda webfilter etc) that would allow finer control of web activity.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24815251
If you choose multiple solutions, you get to split the points however you feel.
0
 

Author Comment

by:gw6211
ID: 24815284
ok, thanks alan, one last question, on your solution

Start Run [type] notepad \\userscomputer\c$\windows\system32\drivers\etc\hosts - this assumes you have admin rights.  If not, do this on the server.

Then simply add:

127.0.0.1   [tab]   www.facebook.com

127.0.0.1   [tab]   www.myspace.com etc.

does this replace the host file or add one or modify the current one?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24815302
Modifies the existing one.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24815316
Lose the www part from my entry - probably best to just put the domain as NAMOL has put.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

How many times have you been browsing the internet, with multiple tabs open, and closed the wrong one? Have you ever clicked 'Close all tabs' instead of 'Close current tab' ? Internet Explorer 8 now brings to you, what Firefox has had for a wh…
Several part series to implement Internet Explorer 11 Enterprise Mode
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now