Solved

whitelist batch file

Posted on 2010-08-19
5
1,000 Views
Last Modified: 2013-12-08
We have a problem of viruses here. I would like to know a way (free) of whitelisting web sites that I can easily maintain and do not haft to run to every computer and change.

I was wondering if there was a way to make a batch file or some file to execute upon an end user logging into the domain to only whitelist certain sites for them to access through internet explorer of firefox.
 
0
Comment
Question by:pchmark
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 7

Expert Comment

by:Dk_guru
ID: 33475565
You can normally do this from your router or firewall... allowing certain computers through or none at all.  Is it required to be controlled from the local machine?
0
 

Author Comment

by:pchmark
ID: 33475918
yes, but i would prefer this to be done on a group or by user basis
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 33476711
have you considered a pac file? that lets you define routing rules on a per-host (or per ip) basis, so you can block all but selected destinations.

http://en.wikipedia.org/wiki/Proxy_auto-config

best bit is - you can define the location in dhcp or by creating a dns entry for wpad.yourdomain - by running an appropriate webserver, you have a single point on your network where the file is stored, and you can redirect, block, or otherwise configure every browser on your network without having to visit each one (plus using the pac file if available is the default on most browsers, even non-windows ones)
0
 
LVL 1

Accepted Solution

by:
infinitous earned 500 total points
ID: 33477317
You can do this with a bat file if you are willing to use I.E.'s trusted sites.  The syntax for the batch file would be:
@ECHO OFF
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\[domain.suffix]\[subdomain]" /t "REG_DWORD" /v "HTTP[s]" /d "2" /F

an example would be:
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\exptech.net\www" /t "REG_DWORD" /v "HTTP" /d "2" /F

Or, if no subdomain is needed (i.e. *.domain.com):
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\exptech.net" /t "REG_DWORD" /v "HTTP" /d "2" /F

Please also note that the data (/d) value will always be 2, however the value (/v) will need to be changed depending on the protocol used (https or http).

Along with that bat file, I would use group policy to increase the security on the internet zone so users can't browse most files.

0
 
LVL 63

Expert Comment

by:btan
ID: 33498250
This link would be useful on GPO for IE config
@ http://www.grouppolicy.biz/tag/white-list/

Typically you will want to configure the proxy that does this filtering hence the use of wpad etc. You may want to check out Blue Coat K9 Web Protection is one free home use software, you may want to test it out first before making the decision whether to purchase. It can go quite granular. It does not do whitelist directly but it would be configurable and it has real time update based on its dynamic page-rating technology
@ http://www1.k9webprotection.com/aboutk9/overview

0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
MS-Access 2002 error (Win XP on Win7Pro) 19 110
songs will not play in k love website 5 57
Mozilla Favorites 10 30
SAP HANA vulnerability threat report. 2 69
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question