-
March 8th, 2004, 12:51 AM
#1
limiting net access
Ok new office am working in is a shambles - plus to add to it the normal (& only) tech guy has gone on holidays so I'm the only tech(ish) guy they have.....
are switching all users from their normal logins over to generic logins (agent1, agent2, agent3 etc) but the tech guy forgot to set the security profiles for the users before leaving
I dont have access to the main router etc so am looking for a quick work around to stop users accessing net
need to restrict it to only certain domains - it does not need to be air tight as is only a quick work around for a week
was thinking something through the hosts file
can you use wildcards in it?
am taking that the browser checks the host file in order of each record
so if you had
127.0.0.1 www.antionline.com
63.146.109.212 www.antionline.com
it would read the first entry and show nothing rather than load the site.....so if you could use wildcards it could be something like
63.146.109.212 www.antionline.com
127.0.0.1 *.*.*
so agents would only be able to load antionline and nothing else
is that kind of thing possible??? I dont want to add any new software etc as like i said before is only a quick work around - once tech guy returns will be able to access router etc and set it up properly but for now i need something quick
any ideas?
v_Ln
-
March 8th, 2004, 12:58 AM
#2
Hey Hey v_Ln,
I don't believe that you can use wildcards in the hosts file, that's why they came up with software like the PICSrule Project for blocking ads and pop-ups based on wildcards.
How much access do you have, are the machines stand-alone or on a domain?
How about a few simple IPSec policies that say Allow access to these few sites, and then deny everything else. It isn't complex and if it's a domain that you have/can (legally) get admin access to then it'll only take you a few clicks. If they are stand-alones it may take you a little longer, but it's still feasible.
Anways just a suggestion,
[Edit]
Thought I'd add a website on the topic, it's the best resource I've seen for this topic.
http://www.petri.co.il/block_web_bro...with_ipsec.htm
[/Edit]
Peace,
HT
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|