On Wed, Aug 5, 2009 at 10:37 AM, David W. McSpadden<[email protected]> wrote: > How would I do it for all??
You're doing it wrong. :) If you want to block network connectivity, use a firewall, that's what they're for. :) Don't mess around with web browser proxy settings; that's easy to bypass. To block a machine, use a static IP address (via DHCP reservation or manual configuration), and firewall that IP address. To block a user when it's a single-user workstation, you could use a firewall that requires users to authenticate themselves via a web page before allowing IP connectivity beyond the firewall. If you've got multiple users on a single workstation, use a firewall with HTTP proxy capability, force everything through HTTP, and require HTTP proxy authentication. Block any and all IP traffic that doensn't go through the HTTP proxy, so that if they bypass the client proxy config they get nowhere. Squid's a free proxy server that works well for this sort of thing. Configuration is a little daunting at first, but I can share the procedure and config files we used if needed. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
