Re: [Ltsp-discuss] limiting website useage

[Joe Auerbach]

That sounds like an excellent solution, but since this is ltsp, is there a way ot have a hosts file for each workstation, or will they all nessisarily run off the central /etc/hosts? Roy Souther wrote: I set up a network that would only allow people to access a short list of sites. I did this by removing the DNS from the DHCPD so that no client could resolve any URL. Then I statically added the IP addresses and the URL's to the /etc/hosts file. That is the easiest way to do it. It is not a 100% block because they could still use IP addresses to get to any site. Most people are not skill full enough to use an IP address to get to web sites so. If you think people would use an IP address to get around this then you need to use iptables to block access to every thing and then grant access to just the few sites you want to allow. That is a little more work. Hard to post an example if I don't know more about your topology. Firefox has a kiosk mode. It may have a way to do a white list like you want and maybe more features you have not thought of. On Wed, 2006-02-01 at 10:38 -0500, Joe Auerbach wrote: I suspect, given the number of schools using ltsp, that I'm not the first one to need to do this, but here goes. We are implementing ltsp on a much larger scale here at work and the collectors (I work at a collection agency) will need net access to go to various skiptracing sites (white pages, yellow pages, etc) but we'd like to prevent them from going to any other sites (you know . . . THOSE sites, but I think the idea is to have an allow list rather than a block list and to just assume that sites are blocked by default). How have some of you set this up? It would be easier if every user had their own /etc/hosts file, i think, but they all share one. And I want to limit them individually (so the legal department, for example, has broader access than the collectors). Thoughts? Royce Souther www.SiliconTao.com Let Open Source help your business move beyond. For security this message is digitally authenticated by GnuPG. -- joe auerbach systems administrator pcb / rossman and co 614-523-4150 [EMAIL PROTECTED] ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net