Home  |  Forums  |  914 Info  |  Blogs
 
914World.com - The fastest growing online 914 community!
 
Porsche, and the Porsche crest are registered trademarks of Dr. Ing. h.c. F. Porsche AG. This site is not affiliated with Porsche in any way.
Its only purpose is to provide an online forum for car enthusiasts. All other trademarks are property of their respective owners.
 

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> OT- Internet Filters, need recommendations for a client....
JB 914
post Jun 21 2005, 08:21 PM
Post #1


Daddy! Finish my car NOW!!!
***

Group: Members
Posts: 1,593
Joined: 26-September 04
From: Garden Grove, CA
Member No.: 2,831



Anyone have a recommendation for an Internet filter for a 35 PC workgroup? They need to limit access to specific sites and block everything else on specific PC's.

Anyone have a recommendation?
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Qarl
post Jun 21 2005, 10:18 PM
Post #2


Shriveled member
*****

Group: Benefactors
Posts: 5,233
Joined: 8-February 03
From: Florida
Member No.: 271
Region Association: None



A good router or firewall can do that for you.

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
JB 914
post Jun 22 2005, 12:45 AM
Post #3


Daddy! Finish my car NOW!!!
***

Group: Members
Posts: 1,593
Joined: 26-September 04
From: Garden Grove, CA
Member No.: 2,831



Well, they already have a VPN setup with Netopia routers. The netopia will filter IP's only. not exactly the setup i'm looking for....
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Verruckt
post Jun 22 2005, 05:53 AM
Post #4


Senior Member
***

Group: Members
Posts: 716
Joined: 14-July 04
From: Midwest
Member No.: 2,348



How about Squid?
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Qarl
post Jun 22 2005, 08:04 AM
Post #5


Shriveled member
*****

Group: Benefactors
Posts: 5,233
Joined: 8-February 03
From: Florida
Member No.: 271
Region Association: None



I don't understand what you are looking for...

Sites are all resolved to IPs... If you know the specific sites they want access to, you can determine the IPs you want to give access to. You should be able to set the router or firewall to say... these PCs (with these TCP/IP settings can only go inbound/outbound to X.X.X.X IP addresses outside of the network)

Or all internal machines can access all external IPs... etc.

Or are you looking for "software" to install on a PC that you can limit what they access? Might I suggest NetNanny? Just kidding.

(IMG:http://www.914world.com/bbs2/html/emoticons/confused24.gif)
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
serge914
post Jun 22 2005, 08:31 AM
Post #6


Member
**

Group: Members
Posts: 273
Joined: 21-May 03
From: Laval Quebec Canada
Member No.: 723



Qarl is right.

If you only want to let some PC to access only a few specific sites, you can do that in any good firewall, maybe not the Netopia, but you will need to enter all the specific address of the sites that they can access in a filter rule.

Some Firewall like the Fortinet classify all the internet sites in category and you can specifiy wich category you let them access. You have to buy a license every year so that that list get updated all the time with the new sites.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
JB 914
post Jun 22 2005, 09:36 AM
Post #7


Daddy! Finish my car NOW!!!
***

Group: Members
Posts: 1,593
Joined: 26-September 04
From: Garden Grove, CA
Member No.: 2,831



not all PC's are going to be blocked. So, i was looking for software to install on the ones that need to be blocked from all but a few sites.

I may just try and use the Windows filter. That will be fun (IMG:http://www.914world.com/bbs2/html/emoticons/headbang.gif)
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
fiid
post Jun 22 2005, 12:23 PM
Post #8


Turbo Megasquirted Subaru Member
****

Group: Members
Posts: 2,827
Joined: 7-April 03
From: San Francisco, CA
Member No.: 530
Region Association: Northern California



You could set up a proxy server (apache) on a linux box. That should allow you full control over what any machine on your network is connecting to. You will also need to enforce that everyone is using the proxy, which means you should tell your netopia jobby that ONLY the proxy machine is allowed to use the web.

I think the apache proxy will allow you to do configs like "don't allow any urls with the work fuck in them" or similar matching on pages.

You might also want to look into the squid proxy.

Note that an educated user will be able to point their machine to a proxy outside your network - so you might need to block all internet access to every machine except the proxy, which will disable more than just http access.

You should also note that just about any effort you make here will be subvertable in some way or another. Just depends on how educated your users are.

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Qarl
post Jun 22 2005, 12:28 PM
Post #9


Shriveled member
*****

Group: Benefactors
Posts: 5,233
Joined: 8-February 03
From: Florida
Member No.: 271
Region Association: None



I have e Netscreen firewall.

I can generate specific policies for individual machines, ranges of machines (i.e., Range of TCP/IP addresses), or the entire network.

I can then generate restrictive, liberal, or unrestricted policies to individual IP addresses outside the network, ranges of IPs, or unlimited.

I can do the same with just about any other port type function. FOr example, I can limit Telnet, FTP, HTTP, etc. for one, groups, or all machines in our network.

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
JB 914
post Jun 22 2005, 01:21 PM
Post #10


Daddy! Finish my car NOW!!!
***

Group: Members
Posts: 1,593
Joined: 26-September 04
From: Garden Grove, CA
Member No.: 2,831



QUOTE (fiid @ Jun 22 2005, 10:23 AM)


You should also note that just about any effort you make here will be subvertable in some way or another. Just depends on how educated your users are.

They cannot add or change software without admin rights, which they don't have. Considering they have a hard time rembering password, i'm not really concerned with them changing stuff. The ones that might be able to do it are the managers and they will not be restricted. (IMG:http://www.914world.com/bbs2/html/emoticons/biggrin.gif)

The Netopia is not very user friendly and is more 'black and white' i need to be able to easily modify it and give them permission to only certain sites. It is bullet proof for the VPN, which was it's original purpose.

i'm leaning towards a SonicWall. i think that will give me all the flexibilty without taking hours of ongoing configuration with "Oh, Joe by the way can you add, subtract blah blah......"
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
brer
post Jun 22 2005, 04:24 PM
Post #11


Advanced Member
****

Group: Members
Posts: 2,555
Joined: 10-March 05
From: san diego
Member No.: 3,736
Region Association: None



Internet filering in Iran

apparently they use Smartfilter

User is offlineProfile CardPM
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 11th July 2025 - 02:20 AM