RE: block internet at two workstations :VSMail mx1

["Ryan" <ryan () riptheweb com>]

Sorry, Didn't mean to send that last one yet :)
To further clarify my last email,
I am assuming you are assigning Private IP's via DHCP (most routers come out
of the box enabled this way now)
Most routers have a DHCP pool by default but then has a block of maybe the
first 10 or 20 IP's not in the DHCP pool. Use 2 of the Static IP's for the
computers that need to be taken offline then just do not put in any DNS
servers in.

If the router does not have any IP's set aside configure the router to where
you have the first 10 or 20 so you can static assign them, as you need. This
is always a good idea to have some set-aside just in case anyways.

This is probably your simplest solution.

Ryan


-----Original Message-----
From: Lisa LAFLEUR [mailto:LLafleu () firstfedamerica com]
Sent: Wednesday, May 07, 2003 2:30 PM
To: tomb1n () attbi com; hometeam () goeaston net
Cc: security-basics () securityfocus com
Subject: RE: block internet at two workstations :VSMail mx1

Another simple solution, but if the only issue is that they are surfing
the internet too much on company time, remove their browser software.

Lisa B. Lafleur, CNE, CISSP
Data Security Administrator
FIRSTFED
One FIRSTFED Park
Swansea, MA 02777
(508) 235-1770

> > > "Tim Laureska" <hometeam () goeaston net> 5/6/2003 9:21:59 PM >>>
I called Netgear and they said that feature is not available in any of
their routers... I couldn't find any reference to deny rules or
filtering IPs or MAC addresses in the documentation either


From: tombin [mailto:tomb1n () attbi com]
Sent: Tuesday, May 06, 2003 9:11 AM
To: Tim Laureska
Subject: Re: block internet at two workstations


Those netgear cable sharing routers, have the ability to block MAC
addresses. Just add the 2 machine's MAC addresses into the firewall
rules to deny. Check the help file located on the router for a better
description of how to do this.

Tim Laureska wrote:

> I'm working with a small (10 user network) with a netgear FVS318
> firewall, accessing the internet via cable modem.. The client wants
to
> block internet access at two workstations.  I don't see anything
> available within the firewall documentation/configuration that would
> address this.  What is the best and easiest way to do this ...easy
and
> best may be a contradiction :-)
>
> TIA
> Tim





---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's
most
recognized corporate security certification track, provides a
comprehensive
prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
utilization
of pertinent security tools. For a limited time you can enter for a
chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-security-basics
----------------------------------------------------------------------------


---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most
recognized corporate security certification track, provides a comprehensive
prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
utilization
of pertinent security tools. For a limited time you can enter for a chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-security-basics
----------------------------------------------------------------------------




---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 
----------------------------------------------------------------------------