Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to block facebook in Firewall Juniper SSG320m? any idea?

Posted on 2014-02-03
8
Medium Priority
?
1,984 Views
Last Modified: 2014-02-10
Hi EE's

Any please help me to block https://facebook.com from my network. I am using Juniper SSG 320m. I not an expert in Juniper. Please help.

Regards
Shamil
0
Comment
Question by:Shamil Mohamed
  • 3
  • 2
  • 2
8 Comments
 

Expert Comment

by:nitintembhare
ID: 39831690
Use Integrated Web filtering feature for blocking the specific web URL.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39831694
where i need to Integrated web filtering feature?
0
 

Expert Comment

by:nitintembhare
ID: 39831713
The Integrated web filtering feature has to be subscribed from juniper.........
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 71

Expert Comment

by:Qlemo
ID: 39831809
The only other way is to block traffic to all facebook site IPs. The reported ones are
  65.201.208.24/29
  65.204.104.128/28
  66.93.78.176/29
  66.199.37.136/29
  66.220.144.0/20
  67.200.105.48/30
  69.63.176.0/20
  66.92.180.48/28
  69.171.224.0/19
  73.252.64.0/18
  74.119.76.0/22
  204.15.20.0/22
or, in short, hellofalot. You can create a "Reject" policy for HTTP and HTTPS to those adress blocks - or, more smart, fake DNS entries for facebook in your local DNS server. Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine).
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39845068
Mr Qlemo,

thanks alot for your idea.. But can u please help me how to

"Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine). "

Please..

Thank you
0
 
LVL 71

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 39845163
If you have an own DNS server running, you'll need to create host entries (type "A") there. Open the DNS Manager, go to "Forward Lookup Zones", create a folder "facebook.com", and create the entries "login", "www" and an empty one, all with 127.0.0.1 as IP.

If you don't use a DNS server, you'll have to open %WinDir%\system32\drivers\etc\hosts, and insert
127.0.0.1   www.facebook.com
127.0.0.1   facebook.com
127.0.0.1   login.facebook.com
there - on each client. This is, of course, unreliable, as everybody is able to remove those entries again if not specially protected.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39846300
this actually works bro...

thank you..
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question