trying to block aol.com using cisco router and or pix

[scottcc]

I have a problem with our websense server there is a work around in aol.com that allows users to bypass our servers filtering when they go to aol first any help would be great.

 

[CobolKid]

scottcc,

The only way I've been able to accomplish that is by the implementation of PAC file based filtering at all hosts and servers, in conjunction with severe multi-method security restrictions regarding system configuration and control.

Check out "

http://www.schooner.com/~loverso/no-ads/"

with a little imagination you can easly use this method to accomplish your goal.

Steve

 

[Stevehewitt]

If it's just the one site then you may want to just edit the hosts file so it points to your localhost for HTTP requests to aol.com.

Not as advanced as what CobolKid was saying but it should do the trick.

Good Luck,

Steve.

 

[CobolKid]

Steve,

That wold work until someone used an IP instead of a URL.
Host file functions on url based lookups, PAC file functions on all.

That's one learned the hard way.

Steve

 

[rzs0502]

Steve's idea would work with the host file

AOL's servername pointing to local IP
and AOL's ip pointing to local hostname

or maybe adding a fake route for AOL's IP in the routing table


"If you always do what you've always done, you will always be where you've always been."

 

[lgarner]

For this type of thing, I have sometimes set up a master zone on my DNS server for the offending domain (doubleclick.net and similar). Then, the urls just don't resolve.