07-29-2005, 01:25 AM | #1 (permalink) |
Nobody Loves Me
Location: Irish In Madrid
|
Stop them surfing?
I have been put in charge of the network here in work because I know slightly more about computers than anyone else. Ill be the first to admit that im learning as I go along & theres lots that I donk (yet) know how to do. It is lots of fun solving problems & figuring things out, however its eating into my work time quite a bit.
Weve got 10 pooter networked & online. Had some problems with viruses & porn & tracking cookies already & what I need to do is limit the websites available on 7 of the pooters to just a few work related sites & nothing else. I really dont know where to start. Does it involve a firewall? Is there an easy way? Any clues would be helpfull, or just an arrow in the right direction. Can anyone help. Thanks.
__________________
Music is my first love & It will be my last. |
07-29-2005, 02:49 AM | #2 (permalink) |
paranoid
Location: The Netherlands
|
I don't have much experience in this field, but my gut feeling tells me that it requires 3 things:
- a firewall blocking all outbound traffic destined for port 80 (that means NO BROWSING) except coming from the proxy: - a proxy that forwards all traffic to the firewall if it meets your criteria - all browsers would need to be configured to use the proxy. The criteria would need to be something along the lines of: - if the source is PC_CEO then allow - if the source is PC_MAgpie0001 then allow - if the destination is ( insert list of allowed sites here) then allow - else: block (or redirect to a page with a useful message). As I said, I've got no experience in building such a setup, but having worked with (under?) several, I assume that this is how it works. PC ---> Proxy (is allowed?) yes-----> remote website EDIT: I'm real interested in knowing how to build such a setup myself, so keep us posted! As a side note: as a user I despise such setups, but as an administrator I'd love one I'd like to think I'd be judged on my productivity, regardless of what I'm actually doing with my time.
__________________
"Do not kill. Do not rape. Do not steal. These are principles which every man of every faith can embrace. " - Murphy MacManus (Boondock Saints) Last edited by Silvy; 07-29-2005 at 02:53 AM.. |
08-08-2005, 11:49 AM | #3 (permalink) |
Nobody Loves Me
Location: Irish In Madrid
|
Shit! When you start saying words like "proxy" & "do" I start to feel dizzy. I was hoping that there was an easier way. I also uncovered another problem. We need to use a few websites that have live (java, I think) updates. Its a stock monitor thingy. Well I cant get it working unless I log on as an administrator. No idea why & Ive tried to fiddle with the user settings to no avail.
__________________
Music is my first love & It will be my last. |
08-08-2005, 02:48 PM | #4 (permalink) |
Mine is an evil laugh
Location: Sydney, Australia
|
I would consider looking at a product like ipcop link. It is a linux based firewall product. From there FAQ, you see there is a web content plugin called Dan's Guardian.
I have installed this quite a while ago, and the simple setup was very easy. RE proxies/firewalls, this looks like a good summary.
__________________
who hid my keyboard's PANIC button? |
Tags |
stop, surfing |
|
|