Block access to web pages

Discussion in 'Computer Security' started by rog, Mar 14, 2005.

  1. rog

    rog Guest

    Hello

    I would like to block access to certain web pages in my computer, how can
    this be done? I'm looking for software solution.

    Thanks

    Roger
     
    rog, Mar 14, 2005
    #1
    1. Advertisements

  2. rog

    JD Guest

    If you have broadband it will be just as cheap to buy a modem-router
    they usualy have an inbuilt web page blocking facility (modem-routers
    are cheap these days will probably cost around the same as a software
    solution) you could also do the hostfile trick whereby you edit your
    hosts file on your local computer and loopback any site you do not want
    accessed
    eg. dirtypornsite 127.0.0.1
     
    JD, Mar 14, 2005
    #2
    1. Advertisements

  3. rog

    winged Guest

    c:\windows\system32\drivers\etc\hosts

    Host file

    127.0.0.1 coolwwwsearch.com
    127.0.0.1 coolwebsearch.com
    127.0.0.1 hi.studioaperto.net
    127.0.0.1 www.webbrowser.tv
    127.0.0.1 www.wazzupnet.com
    127.0.0.1 gueb.com
    127.0.0.1 kabex.com
    127.0.0.1 www.hityou.com
    127.0.0.1 miosearch.com
    127.0.0.1 wazzupnet.com

    This example will block the sites listed with loopback address on local
    computer. Spybot S&D has a large number of known spyware sites blocked
    if that is what your blocking, they do the work for you. I have seen
    issues using this method when one has a large number of sites they wish
    to block and their system memory is marginal. I have about 5000 lines
    in my host file with as little as 256MB Ram on the virtual machine no
    problem. When I reduce the memory availible to 128MB Ram on the
    machine, the machine slows some in connecting with 5000 line hosts file.

    The host file can speed up lookups to places you frequently visit by
    putting the appropriate IP for the site instead of the loopback. This
    entry will be used instead of the IP address. For example: you could
    put the IP for google defined for the address www.playboy.com

    64.233.161.99 www.playboy.com

    And when the user puts in the www.playboy.com addy in their browser, the
    google page would pop up instead. If one were to use a link to a
    specific page at playboy a 404 (page not found) would "probably" result.

    Winged
     
    winged, Mar 15, 2005
    #3
  4. rog

    johns Guest

    It is easy in IE to restrict access to "allowed" web pages,
    or to just a specific domain like *.edu, but blocking
    specific web pages is pointless.

    johns
     
    johns, Mar 15, 2005
    #4
  5. rog

    winged Guest

    IE has 20 plus known vulnerabilities that are actively being exploited
    by various advertisers, spyware companies, and others of ill repute.
    (see http://secunia.com/product/11/)

    If you are relying on IE to keep the bad guys out, you have far bigger
    problems, or soon may have, than blocking specific sites.

    Firefox has 11 known current exploits, but none of the exploits allow a
    remote site to run the code of their choice on the local machine with
    system level permissions. http://secunia.com/product/4227/

    The advantage of blocking via the host file versus using the browser is
    many tools utilize the web to communicate that do not rely on the
    browser permissions. If you block via the host file, communication is
    blocked to the site irrespective of protocol. Ideally one blocks at
    every level of the network, sites you do not wish to communicate with.
    Blocking inside and outside interfaces on the perimeter firewall, on the
    local machine firewall, and in the local machine host file. One should
    use a layered blocking policy as well as a layered security policy.

    One should NOT rely only on application level blocks to prohibit
    communications.

    One should also use the host file to identify a number of commonly used
    login sites as this prohibits DNS poisoning attacks from inadvertently
    releasing private login information.

    Winged
     
    winged, Mar 15, 2005
    #5
  6. rog

    johns Guest

    I don't. I actually know what I'm doing, and have a whole shitload
    of computer labs successfully restricted to a local domain, or an
    allow list of approved ( by me ) web sites. You guys with all the
    jargon are about as valid as a Jr High School typing teacher.
    Not one of those exploits has been able to crack IE 6 under XP
    Pro set up the way I do it, and I can sit and watch them try.
    Even better, I can also sit and watch the students in class try
    to get out ( for more than 2 years now ), and they simply have
    not been able to ... not once. Thing is, it is very easy to set up.
    Your problem, is you buy in to the bullshit about exploits, and
    never really question it. I simply break their backs, and they
    can't touch my systems. A clue ... I don't "allow" the exe to
    run .. or I aim it at a dummy proxy, and then I don't allow
    the user to see the edit tab. It totally works.

    johns
     
    johns, Mar 17, 2005
    #6
  7. rog

    Jerry G. Guest

    If you are using a broadband modem, you can put a router between your modem
    and the computer. Most of the routers offer a filter menu to block undesired
    sites.

    In Internet Explorer, under the Security tab, there is a Restricted Sites
    option. In there, you can enter sites to block. When you do the MS security
    updates, they add new sites to this along with the rest of the update. You
    can go in there manualy, and add sites yourself.

    I would not use additional software to block sites. I would do it with
    Internet Explorer, or in the router. If you are sharing machines on a
    network, it is best to do it in the router.

    --


    Greetings,

    Jerry G.
    ============
     
    Jerry G., Mar 25, 2005
    #7
  8. rog

    Jerry G. Guest

    I would not go so far about saying that Firefox is absolutely safe. We have
    some clients that have had hijackings, and they were using Firefox. By
    default, it is better for security than IE, but it is still able to be
    compromised.

    If IE is properly setup, it is very safe. It takes some knowledge of how to
    go about it. It involves having restrictions with Java, and scripting.

    --


    Greetings,

    Jerry G.
    ============
     
    Jerry G., Mar 25, 2005
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.