Solved

whitelist batch file

Posted on 2010-08-19
5
976 Views
Last Modified: 2013-12-08
We have a problem of viruses here. I would like to know a way (free) of whitelisting web sites that I can easily maintain and do not haft to run to every computer and change.

I was wondering if there was a way to make a batch file or some file to execute upon an end user logging into the domain to only whitelist certain sites for them to access through internet explorer of firefox.
 
0
Comment
Question by:pchmark
5 Comments
 
LVL 7

Expert Comment

by:Dk_guru
ID: 33475565
You can normally do this from your router or firewall... allowing certain computers through or none at all.  Is it required to be controlled from the local machine?
0
 

Author Comment

by:pchmark
ID: 33475918
yes, but i would prefer this to be done on a group or by user basis
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 33476711
have you considered a pac file? that lets you define routing rules on a per-host (or per ip) basis, so you can block all but selected destinations.

http://en.wikipedia.org/wiki/Proxy_auto-config

best bit is - you can define the location in dhcp or by creating a dns entry for wpad.yourdomain - by running an appropriate webserver, you have a single point on your network where the file is stored, and you can redirect, block, or otherwise configure every browser on your network without having to visit each one (plus using the pac file if available is the default on most browsers, even non-windows ones)
0
 
LVL 1

Accepted Solution

by:
infinitous earned 500 total points
ID: 33477317
You can do this with a bat file if you are willing to use I.E.'s trusted sites.  The syntax for the batch file would be:
@ECHO OFF
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\[domain.suffix]\[subdomain]" /t "REG_DWORD" /v "HTTP[s]" /d "2" /F

an example would be:
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\exptech.net\www" /t "REG_DWORD" /v "HTTP" /d "2" /F

Or, if no subdomain is needed (i.e. *.domain.com):
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\exptech.net" /t "REG_DWORD" /v "HTTP" /d "2" /F

Please also note that the data (/d) value will always be 2, however the value (/v) will need to be changed depending on the protocol used (https or http).

Along with that bat file, I would use group policy to increase the security on the internet zone so users can't browse most files.

0
 
LVL 61

Expert Comment

by:btan
ID: 33498250
This link would be useful on GPO for IE config
@ http://www.grouppolicy.biz/tag/white-list/

Typically you will want to configure the proxy that does this filtering hence the use of wpad etc. You may want to check out Blue Coat K9 Web Protection is one free home use software, you may want to test it out first before making the decision whether to purchase. It can go quite granular. It does not do whitelist directly but it would be configurable and it has real time update based on its dynamic page-rating technology
@ http://www1.k9webprotection.com/aboutk9/overview

0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now