Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Blocking unwanted sites FaceBook getting through 2

Status
Not open for further replies.

1DMF

Programmer
Jan 18, 2005
8,795
GB
Hello,

Hope i'm in the right forum!

Can someone advise how Facebook is getting through my banned sites list on our LinkSys RV082 router?

I've added all combinations I can think of , even *.facebook.com/*

but if you type , up comes the website.

I've done exactly the same for myspace, youtube etc and it works fine, so why is facebook getting through?

All advice appreciated.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
That's an odd one, how is the address resolving? A good option for blocking sites is by using OpenDNS (opendns.com). It's free and gives excellent control over what users can access.

"We can categorically state that we have not released man-eating badgers into the area" - Major Mike Shearer
 
Also, are you sure it's Facebook that your users are accessing? Could it be that they're using a web proxy (or an SSL web proxy) to get to the site?


Want to ask the best questions? Read Eric S. Raymond's essay "How To Ask Questions The Smart Way". TANSTAAFL!
 
we use our ISP for DNS, I don't want to start messing around with something that aint broke, coz it's likely i will break it!

I'm sure it's face book because i'm typing facebook.com in my browser and it goes to facebook.com.

I guess our firewall doesn't work properly, great!

Thank you LinkSys!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
Well, to be honest, you're trying to use a firewall as a content filter. It's not really designed for that.

My one is suposedly!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
Have you tried using nslookup to get all of FaceBook's IP addresses and blocking it that way?
 
nope, but it was on my list of things to try next!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
Yup, as soon as I blocked it by IP address it worked fine.

oh well dunno why as blocking myspace , youtube etc.. all works find uisng domain name.

Which is better as it sholdn't matter if they change server or nameservers, where as if Face-book changhe them now I'll need to re-set the IP address.

Another Bridge , Another Time!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
Hmmm, would using a service such as offered by K9 work out for you? For home users its free, but it aint free for corporate. [wink] For corporate, it's called Blue Coat.

Home/personal:
Business/Corporate:
I know that the K9 web protection for home works EXCELLENT. If that thing is installed, you aint going nowhere that the administrator doesn't want you to go. And even with the free version of their software/service, you can be as generic or as specific as you want. It also works regardless of what browser you use. It has lots of features, but I'll let you be the judge if you just go look for yourself. Again, I don't know anything about the corporate part, as I've not seen it yet.



--

"If to err is human, then I must be some kind of human!" -Me
 
unfortunately it isn't a priority so I wou;dnt get the funds to purchase anything, I'm only making a concerted effort myself to block these sites as technically you should be working not surfing social network sites.

Plus I can't afford the security risk these sites pose for viruses , adware etc..

it's not company policy persae it's my policy!

At least one of us is looking out for the companies interests!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
NOTE: i've just been to a site with an embeded youtube video and the darn thing played.

Not sure why the Firewall is playing up like this it was blocking things fine, ip addresses it is then I guess.

WARNING: Do not buy LinkSys routers!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
You mention that this is your policy and not the company policy. Are you sure this is what the company wants?

Some companies allow employees to visit such site during lunchtime. I'm not sure if this applies in the specifics of your situation, but it is conceivable that a manager may have wanted to grant access to one of these site and asked somebody poke a hole through your protection.

Also, I'm not convinced that a boycott of an established name like Linksys would be warranted for one user having a problem. No offense, but from the standpoint of somebody completely outside the situation, it seems more likely that user error and not router error is behind this issue. After all, user error is the source of a high percentage of the issues I resolve.
 
KornGeek said:
Also, I'm not convinced that a boycott of an established name like Linksys would be warranted for one user having a problem...

I agree, totally.

On a smaller/sillier scale, I have often gone behind the local cable company "tech support" - not a small company, in correcting/fixing home users and small business modems and routers, etc.

One particular instance I shall never forget.

It was about a year ago, I suppose. An elderly couple had gotten a new laptop a while prior, and got a free Buffalo Wireless-G router with the deal.

Well, the Charter tech support sent at least 2 guys out on different occasions to install the cable modem and setup the router for them to be able to connect wireless.

The first guy just couldn't get it worked out. Charter said the next guy would take care of it. After the 2nd guy gave up, his reason that he gave for not fixing it was "this isn't a Linksys, and only Linksys routers work on ___ Cable. Of course I debunked that lie/myth/mis-speak (had to throw that in [wink]) by correctly setting everything up with no prior information about the router. I'll admit that the router was a bit more of a headache than I'm accustomed to, but it did work.



--

"If to err is human, then I must be some kind of human!" -Me
 
I'm with 1DMF on this, Linksys routers are horrendous. We've had dealings with many of them (especially RV082 and RV042). They are unreliable at the best of times, and God help you if you want to make use of their VPN facilities. It will probably start off working fine, but stop months down the line.

IDMF: Seriously consider something like OpenDNS for solving your problem, it's free and very manageable. Simply add their DNS servers into your gateway router and that's it.

"We can categorically state that we have not released man-eating badgers into the area" - Major Mike Shearer
 
Yup Grenage, the missus has had problems with her LinkSys at her work and we've had problems with the one we used to have at home, though the NetGear one we currently have with MIMO technology sucks as well!

You mention that this is your policy and not the company policy. Are you sure this is what the company wants?

Am I sure as the IT department responsible for securing the company data in line with the Data Protection Act 1984/1998 and out obligations to the FSA for our regulated responsibility under the Financial Services rules that enable us to trade in the financial sector.

Hmmm let me see, yes i'm sure what I tell the company needs to do to help protect.... our data, our members, our clients and everyones ass from being fined millions by the FSA, is exaclty what they want, yep, i'm sure!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
Aye, we got on a little better with Netgear products but they do have some issues. We ended up moving over to PFsense, which is a FreeBSD-based router, and I've never looked back.

"We can categorically state that we have not released man-eating badgers into the area" - Major Mike Shearer
 
Don't supose you have had any experience with these routers that use your electric ring mains to run a LAN network through your existing house wiring?

I'm getting so fed up with the NetGear, that's where I'm looking to go next, this WiFi is so unreliable.

I have a mini satelite dish as my USB adapter and still I can pick up a network down the road @ 65% strength, yet I cannnot even connect to my NetGear half the time and when I do it's only @ 35% strength!

This wired system through the electric ring mains sounds like a solution to me and it's supose to run @ 200mbps.



"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!
 
I have never used them, but I've heard good things. I think the units that deal 200Mb are quite expensive, but things may well have changed since then.

Netgear also make then. *grin*

"We can categorically state that we have not released man-eating badgers into the area" - Major Mike Shearer
 
If you're looking for a good home or small business wireless router, from my personal experience, I can HIGHLY recommend the D-Link DIR-655. It can handle anything you throw at it, and so long as you are positioning your router correctly for your situation, you'll get EXCELLENT throughput. Of course, if you want to spend more money, you can get its big brother, the DIR-855. I personally own the DIR-655. I've also installed it in 2 other locations, and recommended it to another to install - all friends. It's an amazing router, let me tell you.

But the positioning thing is important in some situations. One recent one was in an old house, and the signal went strait through a very busy kitchen. The receiving computer (desktop with low-end wireless adapter) sits on the other side of the wall from a double oven and such. We could get NO signal to that pc consistently. We changed the location of the modem/router to where it got around all the stuff in the kitchen - microwave, double-oven, etc.

Now, it's amazing, the speed! Of course, the Dell, being now in the same room is full-up on signal strength and all, and the Macintosh - where the modem/router originally was - is also getting full strength. The signal path was only moved probably 10 feet in one direction on one end, and made a world of difference!

So, that story in mind, before you buy another router, I'd suggest try changing your location of your router or the receiving computers.

Also, another idea is to try one of the free antenna designs over at freeantenna.com I believe it is. I didn't see any gain from the one I tried, but many others did, and posted real results - across the web. If nothing else, they could make for fun projects. I'm still interested in the one I saw about using coax cable to make somewhat of a "super" antenna. LOL - That one I think I just found through a video link from another antenna idea..

The one I actually tried is this one:

It's called Ez-12 or The WindSurfer. [wink]


--

"If to err is human, then I must be some kind of human!" -Me
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top