Yes a managed switch would be easier and more flexible. But unmanaged switches are really cheap, and there might even be a spare one lying around. Also, I realized that I mistyped my original post. If its just one host you don't need a switch at all, you could plug them straight into the punishment box with a crossover cable.
On 9/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
What we used to do (at a previous company)...is we had two DHCP ranges. The first (default), was allowed NO internet access... and the latter, WAS allowed access, which was filtered. Repeat offenders got moved to the default DHCP range, until their manager / section head gave the "okay" to move to the other range. The only thing we really blocked was streaming media, mIRC, Kazaa, Limewire, eMule, eDonkey, etc, etc, etc. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn William Taylor Sent: Wednesday, September 13, 2006 9:36 AM To: Triangle Linux Users Group discussion list Cc: Triangle Linux Users Group discussion list; [EMAIL PROTECTED] Subject: Re: [TriLUG] MAC-based web blocking If you are buying a switch, couldn't you buy a managed switch and just use that to solve the issue? Shawn "Josh Vickery" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 09/13/2006 09:28 AM Please respond to Triangle Linux Users Group discussion list <[email protected]> To "Triangle Linux Users Group discussion list" <[email protected]> cc Subject Re: [TriLUG] MAC-based web blocking Well, if you don't have managed switches, you can do a RLAN ;) And by "RLAN" I mean, a real LAN. Physically run the perp's ethernet through a different switch, into a router/squid proxy that punishes him as you and your boss see fit. If you anticipate adding more people to this punishment zone, you could buy a switch to put in front of the router/squid proxy. On 9/13/06, Brian Henning <[EMAIL PROTECTED]> wrote: > AAUGH! NO! BAD DAVE! > > RSA 1024-bit encrypted SMOKE SIGNALS!! > > Dave Sorenson wrote: > > AAUGH! NO, BAD IAN > > > > > > 2 Campbells soup cans and some string anyone? > > > > :-P > > > > Ian Kilgore wrote: > >> On Wed, Sep 13, 2006 at 07:40:00AM -0400, [EMAIL PROTECTED] wrote: > >> > >>> bind?! you gotta be kidding.. > >>> http://www.isc.org/index.pl?/sw/bind/bind-security.php > >>> next to sendmail, its been historically swiss cheese as far as > >>> security holes.. > >>> If you feel the need to use software that needs to be updated every > >>> few months, knock yourself out. > >>> > >>> regards, > >>> Jason > >>> > >> AAUGH! NO, BAD JASON! > >> > >> /etc/hosts > >> > >> > >> (it's super secure!) > >> > > -- > ---------------- > Brian A. Henning > strutmasters.com > 336.597.2397x238 > ---------------- > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
