Blocking websites from server

[Egarfgarf1]

Hi everyone, is there any way to block websites from a server without buying third party softwares/routers?

OS: Windows Server 2008
Browser: Firefox and IE

Thanks in advance!!

 

[IllogicallyLogical]

Not sure what your Internet gateway device is, but you very likely may be able to block the sites there. But, to answer your question, there are methods of accomplishing this task without having to buy any third party solutions.

For Internet Explorer you could use the 'Content' tab on the 'Internet Options' properties box to approve/deny specific websites. If you need to deploy these settings across the network to a number of computer systems you could use Group Policy to accomplish the task. The following article explains how to do this.

- Restricting Specific Web Sites in Internet Explorer Using Group Policy

http://www.windowsecurity.com/artic...tes-Internet-Explorer-Using-Group-Policy.html

For Firefox, you could use the "BlockSite" add-on.

- BlockSite

https://addons.mozilla.org/en-US/firefox/addon/3145/

Joey
CCNA, MCSA 2003, MCP, A+, Network+, CWTS

 

[cajuntank]

As "IllogicallyLogical" stated, you can perform this at a client level, but you can also do this at the server level as well by Blackhole'ing URLs. Do a google search for "blackhole DNS URLs". Now here are the assumptions... that you have an internal DNS server your clients point to that you can modify, and that you have your firewall setup so that only your DNS server(s) have port 53 access out while everything else is denied port 53 out (this stops someone from changing their DNS numbers on their client to someone else on the Internet and resolve names to IPs).

 

[kmcferrin]

But realistically, if you are doing this for a business you will want to purchase a third-party solution. You can do it "by hand", so to speak, but you'll be the one constantly stuck with updating the lists of denied/approved sites, and when someone gets through to something that they shouldn't have you'll be the one getting the call from the manager wondering why the "magic filtering box" didn't already know about every "bad" web site in the world. The problem is that there are far more "undesirable" web sites out there than you have time to identify. Companies who make Internet filtering tools have entire departments dedicated to compiling and categorizing web sites specifically so that you don't have to.

Additionally, most third-party filtering products allow you to filter by category (i.e., hacking, gambling, pornography, hate speech, etc). Depending on what line of work your business is in, some categories may be material that you will need to provide access to, while blocking others. Sure, you can get a list of "bad" sites for free, but without going through the whole thing how do you know that what someone else's idea of "undesirable" matches your company's?

If you were doing it at home I could see doing it the cheap and easy way, but even the $50 wireless cable/DSL routers available these days have this capability built in. Why reinvent the wheel?

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator

 

[58sniper]

If you want cheap and easy, do something like OpenDNS. But, as mentioned above, if you need granularity, the ability to further categorize things, reporting, and other features, a third party solution like Websense might be the best method.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.

http://www.ucblogs.net/blogs/exchange/