Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Web Access Blocking Software

Status
Not open for further replies.
crs4

crs4

MIS
Jun 10, 2002
31
US
Hello all,

Always a wealth of expertise on here, so I'm gonna tap into that a bit. :) I am doing work for a client that needs some blocking done for web-access. Not content filtering or A/V, just blocking. I realize that I probably won't find a block-only product, but I have to ask. All I really need is a cheap solution for simple blocking. I've thought of simply enforcing policies in 2000(Windows 2000 Server/Client network) to turn off proxy settings and make it loopback to prevent access. But I also would like to have something more assured, but that doesn't cost $1000+.
Any ideas or suggestions would be greatly appreciated, thanks in advance.

Charlie S.
IT Technician
 
Sort by date Sort by votes
Many broadband routers can do this either by IP address or Mac address, if you're using a broadband connection.
 
Upvote 0 Downvote
crs4,

Are you trying to block all web access, or just to certain domains? Blocking all web access is as simple as creating an ACL in the router that blocks all outbound port 80 and 443 requests.

Otherwise you probably have to go to a firewall solution. But if you can afford an extra machine, you could do a Linux firewall for cheap or free (in terms of software), and use a transparent Squid proxy that allows you to block access to specific domains.
pansophic
 
Upvote 0 Downvote
If it's the ports you want to block, try an EtherFast® Cable/DSL Router with 4-Port Switch BEFSR41 (about $60)

You can allow certain IP’s web access, block ports, forward, etc. Make sure you download the updated firmware.

Remember, if the user is creative and security is weak, they can always use a port redirector like fport from
Hope that helps.
 
Upvote 0 Downvote
on MS proxy 2 and probably ISA server as well u can restrict access by user/group.

i think you can do deny everyone access except....

as well. ===============
Security Forums
 
Upvote 0 Downvote
Thanks a bunch. That gives me a start...already considered doing the GPO/bogus proxy thing, just not fully sure what limits I have as far as how restricted they need to be and how much they want to spend. This client is extremely unorganized so God knows when I'll get an answer. Oh well.

Thanks for the info and taking the time to help.

Charlie S.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
351
Shmid
Shmid
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
76
ISDPCMAN
ISDPCMAN
markd885
  • Locked
  • Question
PAC file redirect web page to another gateway
Replies
0
Views
74
markd885
markd885
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
75
gbayi_omo
gbayi_omo
kythri
  • Locked
  • Question
Restrict access to SSL VPN by IP (ASA 5540 - 8.4(7))
Replies
0
Views
76
kythri
kythri

Part and Inventory Search

Sponsor

Back
Top