Solved

Restricted Internet via Web Browser?

Posted on 2010-08-29
21
748 Views
Last Modified: 2013-12-08
hi experts

My friend is a network administrator and on behalf of him, i would like to know that:

Is it possible to restrict websites such as facebook, twitter just via Internet Explorer (or any other browser) and not using any other third party software for doing the same? if yes, how could that be done and if how could that be avioded/break?

What he (my friend) has seen in one small organization was that no third party tools were installed that could log the internet traffic for the employees, yet they were not able to access social networking websites, online documents websites etc

P.S.: My intention is not encourage any kind of suspcious activity/piracy or violation of EE rules and regulations

thanks
0
Comment
Question by:meispisces
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 4
  • +6
21 Comments
 
LVL 10

Expert Comment

by:Jini Jose
ID: 33556073
if a system administrator wants to block any website, he can do simply.
in an office all the internet connection is going through a server. so if they installed any software in that server, you can not identify that. and you cannot break that.
they can simply watch the browser activity of any computer connected to that server.
0
 
LVL 5

Expert Comment

by:TimAllan
ID: 33556079
Yes, you can restrict certain sites by adding entries to the local "hosts" file located under : C:\Windows\System32\drivers\etc

Put in an entry similar to this :
127.0.0.1  www.facebook.com

The user will just get a 404 Error... :)
0
 
LVL 7

Author Comment

by:meispisces
ID: 33556085
@gmailjini: Thanks for the comment,
The software that they be installing in server say XYZ, then XYZ client version is not needed on client computers to be installed?
0
Windows running painfully slow? Try these tips..

Stay away from Speed Up Computer Programs that do more harm than good.
Try these tips instead.
Step by step instructions in trouble shooting Windows Performance issues.

 
LVL 4

Accepted Solution

by:
goyal_251 earned 100 total points
ID: 33556086
Yes can add the entry in host file.
go to c:\windows\system32\drivers\etc
open hosts file in note pad
127.0.0.1       facebook.com
127.0.0.1       twitter.com
and so on you can add any number of site..it will redirect the request to local machine.hence page would not open
0
 
LVL 10

Expert Comment

by:Jini Jose
ID: 33556094
meispisces

there is no need for a client software.

if the server is Linux, then there is a software available is Squid.
if it is windows then there are lots of software available for doing that.

can u please tell what is the error message comes when u accessing the blocked sites ?
0
 
LVL 7

Author Comment

by:meispisces
ID: 33556119
@gmailjini: Error message that was coming was a standard error message: "Internet Explorer cannot display the webpage" (when accessing in IE)
When accessing in MF, the error message is "Unable to connect. Firefox can't establish a connection to the server at 127.0.0.1:2372"
0
 
LVL 5

Expert Comment

by:TimAllan
ID: 33556136
You will get that error when you change the 'hosts' file.  The users will just think the web page is down....for a very long time and get the hint :)
0
 
LVL 7

Author Comment

by:meispisces
ID: 33556163
@TimAllan: So what needs to be done in that case?\
0
 
LVL 10

Expert Comment

by:Jini Jose
ID: 33556225
@meispisces

TimAllan is correct. i think it is not blocked through the server.

what is your intention ? to break the block ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33556243
I would suggest to use PROXY server. Then you can simply control patterns, attachments, content, white lists, black lists aso. The most simple and free solution is SQUID (it works in bunch of Linux editions, FreeBSD, openBSD). YOu can manage whole Internet traffic in central store (SQUID) not in hosts file (which is painful :/) Alternative solution could be ISA or ForeFront Security (but it is paid solution).
0
 
LVL 7

Author Comment

by:meispisces
ID: 33556245
@gmailjini:No my intention is only to know how to block the websites without using 3rd party tools as i was unaware about the same.
 
 
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33556266
Without 3rd party solutin it is a nightmare!
0
 
LVL 6

Expert Comment

by:syedyounus
ID: 33556385
without 3rd party solutions it will not work in a foolproof manner, since some advance users will check the host file & they will edit it.

0
 
LVL 5

Assisted Solution

by:TimAllan
TimAllan earned 100 total points
ID: 33556457
@meispisces
If the users are not administrators to the machine, then they shouldn't be able to edit the file.  All you need to do is edit that "hosts" file in the directory mentioned above with the sites you wish to block.  We do a similar thing here at work to block facebook/myspace.  Once your friend has all the sites listed in the hosts file that he/she wants to block, copy that file (either by Group Policy or a batch file) to all the computers on the workgroup/domain.  Easy!
0
 
LVL 10

Expert Comment

by:Jini Jose
ID: 33556466
@TimAllan

this will work if the network has only a few computers. but if the LAN is large, it is not applicable to edit all the computers host file.
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 100 total points
ID: 33556478
and it is no best practices. PROXY server were developed for that action.
0
 
LVL 5

Expert Comment

by:TimAllan
ID: 33556561
How many computers are they looking after meispisces?
0
 
LVL 3

Assisted Solution

by:frogmanalien
frogmanalien earned 100 total points
ID: 33557129
If you're looking for a very simple system, and are using Internet Explorer only, you can setup Content Advisor very easily to setup restrictions - http://support.microsoft.com/kb/310401 without any third party software or similar - just make sure you prevent them from using other browsers (block the download pages definitely- remove local admin rights ideally!).

Hope that helps
0
 
LVL 25

Expert Comment

by:madunix
ID: 33581517
These sites have lots of addresses so you will need to block every single one of them.... or alias
facebook.com    127.0.0.1 in the hosts file
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 100 total points
ID: 33593177
Good article here


Restricting Specific Web Sites in Internet Explorer Using Group Policy


http://www.windowsecurity.com/articles/Restricting-Specific-Web-Sites-Internet-Explorer-Using-Group-Policy.html
0
 
LVL 7

Author Closing Comment

by:meispisces
ID: 33821371
thanks
0

Featured Post

Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Zimbra is famous for its platform independency, ability to manage multiple user accounts, easy assimilation with 3rd party applications, social network certification etc. Here, we discuss about how users can move multiple Zimbra user accounts to Exc…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question