Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to block facebook in Firewall Juniper SSG320m? any idea?

Posted on 2014-02-03
8
Medium Priority
?
1,997 Views
Last Modified: 2014-02-10
Hi EE's

Any please help me to block https://facebook.com from my network. I am using Juniper SSG 320m. I not an expert in Juniper. Please help.

Regards
Shamil
0
Comment
Question by:Shamil Mohamed
  • 3
  • 2
  • 2
7 Comments
 

Expert Comment

by:nitintembhare
ID: 39831690
Use Integrated Web filtering feature for blocking the specific web URL.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39831694
where i need to Integrated web filtering feature?
0
 

Expert Comment

by:nitintembhare
ID: 39831713
The Integrated web filtering feature has to be subscribed from juniper.........
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
LVL 72

Expert Comment

by:Qlemo
ID: 39831809
The only other way is to block traffic to all facebook site IPs. The reported ones are
  65.201.208.24/29
  65.204.104.128/28
  66.93.78.176/29
  66.199.37.136/29
  66.220.144.0/20
  67.200.105.48/30
  69.63.176.0/20
  66.92.180.48/28
  69.171.224.0/19
  73.252.64.0/18
  74.119.76.0/22
  204.15.20.0/22
or, in short, hellofalot. You can create a "Reject" policy for HTTP and HTTPS to those adress blocks - or, more smart, fake DNS entries for facebook in your local DNS server. Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine).
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39845068
Mr Qlemo,

thanks alot for your idea.. But can u please help me how to

"Faking is done by creating
   www.facebook.com
   facebook.com
   login.facebook.com
all with IP 127.0.0.1 (own machine). "

Please..

Thank you
0
 
LVL 72

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 39845163
If you have an own DNS server running, you'll need to create host entries (type "A") there. Open the DNS Manager, go to "Forward Lookup Zones", create a folder "facebook.com", and create the entries "login", "www" and an empty one, all with 127.0.0.1 as IP.

If you don't use a DNS server, you'll have to open %WinDir%\system32\drivers\etc\hosts, and insert
127.0.0.1   www.facebook.com
127.0.0.1   facebook.com
127.0.0.1   login.facebook.com
there - on each client. This is, of course, unreliable, as everybody is able to remove those entries again if not specially protected.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39846300
this actually works bro...

thank you..
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question