Solved

How to block facebook in Firewall Juniper SSG320m? any idea?

Posted on 2014-02-03
8
1,812 Views
Last Modified: 2014-02-10
Hi EE's

Any please help me to block https://facebook.com from my network. I am using Juniper SSG 320m. I not an expert in Juniper. Please help.

Regards
Shamil
0
Comment
Question by:Shamil Mohamed
  • 3
  • 2
  • 2
8 Comments
 

Expert Comment

by:nitintembhare
ID: 39831690
Use Integrated Web filtering feature for blocking the specific web URL.
0
 

Author Comment

by:Shamil Mohamed
ID: 39831694
where i need to Integrated web filtering feature?
0
 

Expert Comment

by:nitintembhare
ID: 39831713
The Integrated web filtering feature has to be subscribed from juniper.........
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 68

Expert Comment

by:Qlemo
ID: 39831809
The only other way is to block traffic to all facebook site IPs. The reported ones are
  65.201.208.24/29
  65.204.104.128/28
  66.93.78.176/29
  66.199.37.136/29
  66.220.144.0/20
  67.200.105.48/30
  69.63.176.0/20
  66.92.180.48/28
  69.171.224.0/19
  73.252.64.0/18
  74.119.76.0/22
  204.15.20.0/22
or, in short, hellofalot. You can create a "Reject" policy for HTTP and HTTPS to those adress blocks - or, more smart, fake DNS entries for facebook in your local DNS server. Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine).
0
 

Author Comment

by:Shamil Mohamed
ID: 39845068
Mr Qlemo,

thanks alot for your idea.. But can u please help me how to

"Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine). "

Please..

Thank you
0
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39845163
If you have an own DNS server running, you'll need to create host entries (type "A") there. Open the DNS Manager, go to "Forward Lookup Zones", create a folder "facebook.com", and create the entries "login", "www" and an empty one, all with 127.0.0.1 as IP.

If you don't use a DNS server, you'll have to open %WinDir%\system32\drivers\etc\hosts, and insert
127.0.0.1   www.facebook.com
127.0.0.1   facebook.com
127.0.0.1   login.facebook.com
there - on each client. This is, of course, unreliable, as everybody is able to remove those entries again if not specially protected.
0
 

Author Comment

by:Shamil Mohamed
ID: 39846300
this actually works bro...

thank you..
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now