We use our own DNS server and squid + dans guardian. In our firewall I block all outbound from the entire LAN except for the squid server. I then make a Facebook.com entry in the DNS server that points to the ip of our web server that hosts the terms of usage page for the company.
On Saturday, October 13, 2012, [email protected] wrote: > If the issue is bandwidth, then surely there are heavier sites than > Facebook to fear. And then the same would hold true for every heavy site on > the Internet, and you can't block them all. Unless you use a whitelist > instead, where you block *everything* except the sites in the list. But > such a solution is not feasible in many lines of work, for obvious reasons. > Nevertheless, my proposal to treat employees as co-workers and not like > adversaries in a digital skirmish should address bandwidth issues as well. > > If I may digress: One should consider a caching proxy server if one has > bandwidth problems at work. That way, each resource will be fetched only > once over the Internet connection, with any subsequent requests being > served from a cache on the local network. If two people on two computers > are browsing the same web page, why waste time and money on downloading > everything twice? > > Kyle Spencer <[email protected]> wrote: > > Sometimes the issue is bandwidth. > On Oct 13, 2012 5:09 PM, "Kizito Thomas" <[email protected]> wrote: > > Thank you Benjamin, > I remember a similar thread on Linux Admin(some mailing list). All > technical solutions didn't pass the test but this (Benjamin's Proposal) > did. > May be it is better to involve the staff into the advantages of working > and not spending time on facebook. otherwise even when you block > facebook they will come up with other social sites or activities to > waste time. > I think monitoring workers on how much time they spend at work is wrong, > but how much they have accomplished will make a difference! > -- > Kind regards; > KTM > +256752602550||+256782062708 > "Mother of God-Pray for us sinners" > > > On Sat, 2012-10-13 at 13:05 +0200, [email protected] wrote: > > Since all attempts at blocking are ultimately possible to circumvent, > > it might be worthwhile to approach the problem from another angle by > > asking oneself why the blocking is even needed. If it's a work > > environment and Facebook threatens productivity, then stricter > > policies could be put in place. If you are caught using Facebook at > > prohibited hours, you're fired. Or, use Facebook how much you want, > > but if you haven't completed your tasks at the end of the day/week, > > you're fired. > > > > Ultimately, you don't want people working for you whom you have to > > shepherd into action. You're running a business, not a daycare. > > > > Edmonds Namasenda <[email protected]> wrote: > > Godfrey & Justus, > > The LinkSys might offer you a solution but with time (as you > > have seen Godfrey) users always find ways to beat the system. > > > > Atop what the rest have suggested, the long haul would be a > > proxy. I have used SafeSquid (commercial) and now tinker with > > Squid (free) for much of my time when such need arises. > > > > Depending on your needs (present and future), the hardware > > requirements are often ordinary. > > > > # Edz > > > > On Sat, Oct 13, 2012 at 1:37 PM, justus byamukama > > <[email protected]> wrote: > > Hi all, i too have the same challenge, any assistance > > will be great! > > > > > > On Sat, Oct 13, 2012 at 11:36 AM, > > [email protected] > > <[email protected]> wrote: > > Yes. DNSmasq plus blocking of port 53 outbound > > should do the trick. > > > > It won't catch tunnelled traffic, of course, > > but there's only so much you can do without > > the line becoming useless for legit work. > > > > > > Kyle Spencer <[email protected]> wrote: > > Use an internal DNS and force people > > to use that DNS. > > > > On Oct 13, 2012 11:05 AM, "Godfrey > > Baluku" <[email protected]> wrote: > > Hello Lugers, > > > > > > > > I want Facebook to be accessed > > > > -- Sanga M. Collins Network Engineering ~~~~~~~~~~~~~~~~~~~~~~~ Google Voice: (954) 324-1365 E- fax: (435) 578 7411
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
