No, it is not the most secure since it’s not 100%, but it *is* the simplest method.
And not too many people have the IP addresses memorized for their favorite malicious surfing. Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' From: Kramer, Jack [mailto:[email protected]] Sent: Monday, January 24, 2011 11:49 AM To: NT System Admin Issues Subject: Re: Web filter? Doesn't stop someone from entering an ip address manually… ---- Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Erik Goldoff <[email protected]> Reply-To: NT System Admin Issues <[email protected]> Date: Mon, 24 Jan 2011 11:43:20 -0500 To: NT System Admin Issues <[email protected]> Subject: RE: Web filter? +1 Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' From: Jonathan Link [mailto:[email protected]] Sent: Monday, January 24, 2011 11:33 AM To: NT System Admin Issues Subject: Re: Web filter? Simplest? Don't enter DNS Server information, or if it gets it via DHCP, enter an invalid one manually. Then enter the validhosts into the hostfile. I'm presuming that the users of this won't have admin access to the machine. On Mon, Jan 24, 2011 at 11:28 AM, Joseph L. Casale <[email protected]> wrote: Sure, and it depends on strict the blocking must be enforced. I use squid proxy, and if it was ultimately required that the rules not be circumventable, you could place these machines on a subnet without externalaccess and allow internet access via a proxy or simply some acls on a router as your requirements don’t look large and hard to maintain… From: Eric Brouwer [mailto:[email protected]] Sent: Monday, January 24, 2011 9:24 AM To: NT System Admin Issues Subject: Web filter? Greetings, We're looking to deploy PCs at several locations that are to be used strictly foraccess to a couple of our websites. We're looking for a simple, cheapsolution to block internet access to all websites, and then add in the handful of sites we'd like them to access. Any one doing ahtyhing like this? A recommendations? Thank you! Eric ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
