Re: [H] White list or black list?
On Sat, 27 Sep 2008, mark.dodge wrote: I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. Multiple methods, if you can fit all of the websites into the Don't use a proxy for these sites line in the internet explorer proxy settings you can setup a dummy proxy and use that line to whitelist your sites. I wouldn't just do it at the client, I would add it as a group policy and make it so they can't change the proxy server. Probably the best way of doing this is removing their default gateway and setting up an actual content filtering proxy server. The Cyclope Filter I recommended previously works well, but costs per user. You can quickly and easilly add and remove sites from the whitelist and blacklist in the proxy, and it can be configured in either mode (Whitelist or Blacklist). It doesn't have individual user settings, so you'd need something a bit more powerful if you're looking for allowing different users to access different sites. It all depends on how determined your users are to get past the filter. If you allow access out to the internet on other ports, they can always install an SSH server somewhere, use an SSH client and tunnel all their HTTP requests to a proxy server they setup elsewhere, and bypass. That's what removing their default gateway fixes. Christopher Fisk -- Leela: Hey, you know what might be a hoot? Professor: No. Why would I know that? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
[H] White list or black list?
I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. Mark MD Computers, Houston, TX
Re: [H] White list or black list?
Hello mark.dodge, Saturday, September 27, 2008, 9:24:57 AM, you wrote: I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. You mean the HOSTS file? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
Use a proxy PAC file and enforce the policy on all the machines. http://en.wikipedia.org/wiki/Proxy_auto-config -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe User Sent: Saturday, September 27, 2008 12:53 PM To: mark.dodge Subject: Re: [H] White list or black list? Hello mark.dodge, Saturday, September 27, 2008, 9:24:57 AM, you wrote: I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. You mean the HOSTS file? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
Yes the hosts file, that's it. I tried content advisor but it seemed like every time you needed to log in to a site or going to any other part of the site you had to allow content advisor with the password again. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe User Sent: Saturday, September 27, 2008 2:53 PM To: mark.dodge Subject: Re: [H] White list or black list? Hello mark.dodge, Saturday, September 27, 2008, 9:24:57 AM, you wrote: I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. You mean the HOSTS file? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
Using this and I allowed Google for example, they could go to every site that Google comes up with in a search? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alex Sent: Saturday, September 27, 2008 3:36 PM To: hardware@hardwaregroup.com Subject: Re: [H] White list or black list? Use a proxy PAC file and enforce the policy on all the machines. http://en.wikipedia.org/wiki/Proxy_auto-config -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe User Sent: Saturday, September 27, 2008 12:53 PM To: mark.dodge Subject: Re: [H] White list or black list? Hello mark.dodge, Saturday, September 27, 2008, 9:24:57 AM, you wrote: I need to limit which web pages multiple business computers can go to. What is the file that does this? I want to limit IE to around 12 sites the business needs for insurance and their page and a couple of medical research sites. I've done a google on whitelist but it comes up with programs that can or can't be run. You mean the HOSTS file? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
Hello mark.dodge, Saturday, September 27, 2008, 3:55:12 PM, you wrote: Using this and I allowed Google for example, they could go to every site that Google comes up with in a search? Ohh that's pretty complex, you may want a surfwatch type of thing. Maybe a sonicwall content filter? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
JoeUser, I though a SonicWall was big bucks? Thought Mark was trying to do this w/o an external hdw solution? Anyway, it is bigger than my operation... :) Duncan At 17:51 09/27/2008 -0600, you wrote: Hello mark.dodge, Saturday, September 27, 2008, 3:55:12 PM, you wrote: Using this and I allowed Google for example, they could go to every site that Google comes up with in a search? Ohh that's pretty complex, you may want a surfwatch type of thing. Maybe a sonicwall content filter? -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
not really, you get to define exactly where you allow the browser to go.
if you allow google.com and they click on the local google cached copy
link, it will be permitted because you allowed *.google.com - not the
actual link itself (say www.cnn.com)
quite a few ways to restrict using the pac file, via IP and domain name. The
possibilities are vast with inclusion/exclusion parameters.
here's my simple one, which basically bypass my proxy for all local browser
traffic, otherwise it gets pushed through the proxy.
function FindProxyForURL(url, host) {
if (shExpMatch(url,192.168.*/*)) {return DIRECT;}
if (shExpMatch(url, 192.168.*:*/*)) {return DIRECT;}
return PROXY 192.168.1.250:9876; DIRECT;
}
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of mark.dodge
Sent: Saturday, September 27, 2008 2:55 PM
To: hardware@hardwaregroup.com
Subject: Re: [H] White list or black list?
Using this and I allowed Google for example, they could go to every site
that Google comes up with in a search?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alex
Sent: Saturday, September 27, 2008 3:36 PM
To: hardware@hardwaregroup.com
Subject: Re: [H] White list or black list?
Use a proxy PAC file and enforce the policy on all the machines.
http://en.wikipedia.org/wiki/Proxy_auto-config
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joe User
Sent: Saturday, September 27, 2008 12:53 PM
To: mark.dodge
Subject: Re: [H] White list or black list?
Hello mark.dodge,
Saturday, September 27, 2008, 9:24:57 AM, you wrote:
I need to limit which web pages multiple business computers can go to.
What
is the file that does this? I want to limit IE to around 12 sites the
business needs for insurance and their page and a couple of medical
research
sites. I've done a google on whitelist but it comes up with programs that
can or can't be run.
You mean the HOSTS file?
--
Regards,
joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
Hello DHSinclair, Saturday, September 27, 2008, 4:57:06 PM, you wrote: JoeUser, I though a SonicWall was big bucks? Thought Mark was trying to do this w/o an external hdw solution? Anyway, it is bigger than my operation... :) Duncan Oh maybe so... -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] White list or black list?
LOL! For certain sure :) Duncan At 18:44 09/27/2008 -0600, you wrote: Hello DHSinclair, Saturday, September 27, 2008, 4:57:06 PM, you wrote: JoeUser, I though a SonicWall was big bucks? Thought Mark was trying to do this w/o an external hdw solution? Anyway, it is bigger than my operation... :) Duncan Oh maybe so... snip
