Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Limit internet access

From: Andy Silva <andy () romnet com>
Date: Wed, 04 Aug 2004 13:38:25 -0400
The easiest way to do this would definitely be on the local machine. What i would recommend is constructing a PAC file that only allows access to certain sites. All even vaguely current browsers support PAC files. The original purpose of PAC files was to change proxy settings based on the URL that request was going to. If you set the Proxy server for all requests (except the ones that you want them to be able to view) to a machine that is not a proxy server, or has a black hole proxy utility running, then they obviously will not be able to get to any other site. I would assume that since they do not have access to most of the internet, then they do not have admin or power user(sorry, assuming windows here) privs so they should not be able to change those settings (at least not in internet exploder, as far as I remember the other browsers do not restrict access to options based on user, and mozilla at least stores most of those settings in a file, and not the registry i believe so...). Check out this article on the topic http://www.windowsdevcenter.com/pub/a/windows/2004/03/30/hosts.html?page=2 

-andy


Guillome Main wrote:


Hi,

Do you know any way where I could limit the access of specified users to
specified site, either intra or internet? Any group policy solution? Or
desktop firewall solution?
I have a couple users that are only authorized to access 4-5 sites within
the company and outside. How could it be done safely and easily?

Thanks



Ez a level virusellenorzesen esett at!

This message was checked against viruses!



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html 
----------------------------------------------------------------------------





---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: