TuX^ Posted June 9, 2011 Posted June 9, 2011 Hi guys, One of our clients at work has requested that iGoogle be blocked on only SOME of the computers, so they can't access it. They are using a proxy but putting an entry for it on the proxy server doesn't block it for some reason. Can't do it via the Firewall because that would block it entirely. Any ideas? Also, is there any way to remotely edit the hosts file? Maybe with a script or something? I thought that if I could do this, I could add an entry into the hosts file to re-direct to google or something if they tried to access iGoogle. Any suggestions would be appreciated. Regards, TuX^ Quote
Infiltrator Posted June 9, 2011 Posted June 9, 2011 (edited) What proxy are you using? Microsoft Proxy or Squid? If you are using Squid, you can create an ACL (access control list) to block a particular site for a particular user. Edited June 9, 2011 by Infiltrator Quote
TuX^ Posted June 9, 2011 Author Posted June 9, 2011 I'm not using either of them, I'm using GFI WebMonitor. Hope this helps. TuX^ Quote
digip Posted June 9, 2011 Posted June 9, 2011 (edited) Can't be blocked with hosts file, because its root domain and IP are the same. You need to have a way to filter by full url, ie: http://www.google.com/ig'>http://www.google.com/ig vs http://www.google.com/ - Both resolve to the same in DNS, so no way to block one without blocking the other without installing 3rd party software on each machine to restrict per URL, and not per domain name/IP address. Windows hosts file, only maps IP address to a Domain Name or share name. Now, you MIGHT be able to roll out a Group Policy update to redirect the url, or even block it all together, but more than likely, you need software to be installed on each station, that can take a whitelist/blacklist of urls, and redirect accordingly - or- your proxy software needs to be able to block per URL, and not by domain alone. edit:See here - http://www.hackforums.net/archive/index.php/thread-660346.html Looks like someone else did this via Squid, but not sure if you can do the same in GFI WebMonitor. Edited June 10, 2011 by digip Quote
Infiltrator Posted June 9, 2011 Posted June 9, 2011 You can definitely use squid to block a specific user or computer on the network from accessing a particular website. This wiki has lots of info on how to achieve that, I would suggesting going through it and if you need help just hit me http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-ef469ed90b785ebb496c66523bb69030e0b7c906 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.