Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
deny connection to certain URLs
- Thread starter avputnam
- Start date
norstarboston
IS-IT--Management
I have this problem on my terminal/citrix servers. What I have done is changed the security settings in IE. I set "Internet" to a custom level where basically everything is disabled (makes it very difficult to surf). Then I added only the sites the users should visit in the "Trusted Sites" and changed the security to very low. The final step is to go into group policy and enable the following computer configuration:
Admin templates -> Windows Components ->Internet Explorer:
Security Zones: Use machine settings
Security Zones: Do not allow users to change policies
Security Zones: Do not allow users to add/delete sites
Works well for me but the best way is to setup a proxy server. Good luck!
Admin templates -> Windows Components ->Internet Explorer:
Security Zones: Use machine settings
Security Zones: Do not allow users to change policies
Security Zones: Do not allow users to add/delete sites
Works well for me but the best way is to setup a proxy server. Good luck!
- Thread starter
- #3
cmeagan656
Technical User
How about blocking them in your hosts file?
Depending on what firewall you're using you could also block them there. We use the Fortigate-60 and block all types of web sites, url patterns, etc. there. It also has a very good anti virus and a mediocre (compared to XWall) spam filter. Definitely worth the $$$.
Cheers.
Depending on what firewall you're using you could also block them there. We use the Fortigate-60 and block all types of web sites, url patterns, etc. there. It also has a very good anti virus and a mediocre (compared to XWall) spam filter. Definitely worth the $$$.
Cheers.
- Thread starter
- #5
It looks like my best bet is to create the record for myspace.com and ebay on the internal DNS server we have here.
I am a little uncertain on how to approach this, though. Should it be created as a separate zone inside the forward lookup zone or should it be a part of the already existent domain that has already has a zone assigned to it?
I am a little uncertain on how to approach this, though. Should it be created as a separate zone inside the forward lookup zone or should it be a part of the already existent domain that has already has a zone assigned to it?
Fatboy0341
IS-IT--Management
I'm assuming you don't want a third-part solution (cost) - but SurfControl is an excellent piece of software that works really well.
JB
"He who laughs last probably made a backup. He who laughs loudest probably hasn't checked his backups in a while."
JB
"He who laughs last probably made a backup. He who laughs loudest probably hasn't checked his backups in a while."
- Status
