Is there a way to setup something like and ACL (Access Control List) to
allow a computer in a network to only be allowed access to one Website only.
No other computers, no email, etc. I am setting up a sales station and it
would only be allowed to our Website. I am using a simple NetGear wireless
router (current version). I can see where you can block certain sites or
keywords, but nothing that would be reverse of that. Computer is XP Pro
SP2.

Thanks!!

--
Remove 'spam' from email address to contact me directly

Hi, Karl -

Do you have control of the webserver? If so, what about configuring the
webserver to listen on an additional port and blocking port 80 (http), port
25 and 110 (email) and so on at the router?

For instance, if your webserver is configured to listen on both port 80 (the
standard web port) and say, port 76 (I just made that one up) then your
shortcut on the sales workstation could point to http://yoursite.com:76 and
as long as that port was open on the router the guy could get through to the
company website but no others

For IE security only you could put all sites in the 'restricted sites' zone
on the workstation and then put your sales site in the 'trusted sites' zone,
but that wouldn't affect email at all - only web browsing.

Just a couple of ideas here - I'm sure there will be others.

good luck!

"Karl Burrows" wrote:

> Is there a way to setup something like and ACL (Access Control List) to
> allow a computer in a network to only be allowed access to one Website only.
> No other computers, no email, etc. I am setting up a sales station and it
> would only be allowed to our Website. I am using a simple NetGear wireless
> router (current version). I can see where you can block certain sites or
> keywords, but nothing that would be reverse of that. Computer is XP Pro
> SP2.
>
> Thanks!!
>
> --
> Remove 'spam' from email address to contact me directly
>
>
>

it is possable... peer guardian (methlabs.org) in the block list, put a
range of addresses that doesn't include your range of address you want to
access and save the file.

KK

"Karl Burrows" <(E-Mail Removed)> wrote in message
news:X4Bmd.80198$(E-Mail Removed)...
> Is there a way to setup something like and ACL (Access Control List) to
> allow a computer in a network to only be allowed access to one Website
only.
> No other computers, no email, etc. I am setting up a sales station and it
> would only be allowed to our Website. I am using a simple NetGear
wireless
> router (current version). I can see where you can block certain sites or
> keywords, but nothing that would be reverse of that. Computer is XP Pro
> SP2.
>
> Thanks!!
>
> --
> Remove 'spam' from email address to contact me directly
>
>

You can use something like WinProxy = www.ositis.com with a *White List*
that only allows the sites on your list. This provides a pretty good way to
do what you want.

I've used it running on a firewall computer to keep the websites available
on the LAN down to a critical few.
How it works in firewalling the WinProxy computer itself is subject to
settings, etc. and you should verify that you can do what you want.
Then, perhaps you would want to make the WinProxy settings unreachable with
a password or some such....

Fred

I've not tried it
"Karl Burrows" <(E-Mail Removed)> wrote in message
news:X4Bmd.80198$(E-Mail Removed)...
> Is there a way to setup something like and ACL (Access Control List) to
> allow a computer in a network to only be allowed access to one Website
> only. No other computers, no email, etc. I am setting up a sales station
> and it would only be allowed to our Website. I am using a simple NetGear
> wireless router (current version). I can see where you can block certain
> sites or keywords, but nothing that would be reverse of that. Computer is
> XP Pro SP2.
>
> Thanks!!
>
> --
> Remove 'spam' from email address to contact me directly
>

"Karl Burrows" <(E-Mail Removed)> wrote in
news:X4Bmd.80198$(E-Mail Removed):

> Is there a way to setup something like and ACL (Access Control List)
> to allow a computer in a network to only be allowed access to one
> Website only. No other computers, no email, etc. I am setting up a
> sales station and it would only be allowed to our Website. I am using
> a simple NetGear wireless router (current version). I can see where
> you can block certain sites or keywords, but nothing that would be
> reverse of that. Computer is XP Pro SP2.
>
> Thanks!!
>

Sure, although probably not with just that router. The simplest solution
would be to upgrade to a router that allows ACL's. Any cisco router with
2 ethernet interfaces will work just fine. The loswet cost current model
is probably the 831, but there are plenty of lower cost older models
available on ebay.

As an alternative you could place another PC between your client
PC and the router and configure it as a router with only one route or as
a firewall using ipchains, iptables or a freeware firewall like
smoothwall as well.

"Karl Burrows" <(E-Mail Removed)> wrote in
news:X4Bmd.80198$(E-Mail Removed):

> Is there a way to setup something like and ACL (Access Control List)
> to allow a computer in a network to only be allowed access to one
> Website only. No other computers, no email, etc. I am setting up a
> sales station and it would only be allowed to our Website. I am using
> a simple NetGear wireless router (current version). I can see where
> you can block certain sites or keywords, but nothing that would be
> reverse of that. Computer is XP Pro SP2.
>
> Thanks!!
>

You may be able to go directly to the machine and do it using IPsec.

http://www.petri.co.il/block_web_bro...with_ipsec.htm

You'll have to play around and see what you can and cannot do.

http://www.analogx.com/contents/articles/ipsec.htm

Duane

I think I figured it out. If I create a hosts file with only that domain
and IP address and assign a static IP with no DNS, that should block all
network traffic except the site I want. What do you think?

"allan grossman" <(E-Mail Removed)> wrote in message
news:EBECC475-3EAF-4D7B-81C8-(E-Mail Removed)...
> Hi, Karl -
>
> Do you have control of the webserver? If so, what about configuring the
> webserver to listen on an additional port and blocking port 80 (http),
> port
> 25 and 110 (email) and so on at the router?
>
> For instance, if your webserver is configured to listen on both port 80
> (the
> standard web port) and say, port 76 (I just made that one up) then your
> shortcut on the sales workstation could point to http://yoursite.com:76
> and
> as long as that port was open on the router the guy could get through to
> the
> company website but no others
>
> For IE security only you could put all sites in the 'restricted sites'
> zone
> on the workstation and then put your sales site in the 'trusted sites'
> zone,
> but that wouldn't affect email at all - only web browsing.
>
> Just a couple of ideas here - I'm sure there will be others.
>
> good luck!
>
> "Karl Burrows" wrote:
>
>> Is there a way to setup something like and ACL (Access Control List) to
>> allow a computer in a network to only be allowed access to one Website
>> only.
>> No other computers, no email, etc. I am setting up a sales station and
>> it
>> would only be allowed to our Website. I am using a simple NetGear
>> wireless
>> router (current version). I can see where you can block certain sites or
>> keywords, but nothing that would be reverse of that. Computer is XP Pro
>> SP2.
>>
>> Thanks!!
>>
>> --
>> Remove 'spam' from email address to contact me directly
>>
>>
>>

"Karl Burrows" <(E-Mail Removed)> wrote in message news:<X4Bmd.80198$(E-Mail Removed)>...
> Is there a way to setup something like and ACL (Access Control List) to
> allow a computer in a network to only be allowed access to one Website only.
> No other computers, no email, etc. I am setting up a sales station and it
> would only be allowed to our Website. I am using a simple NetGear wireless
> router (current version). I can see where you can block certain sites or
> keywords, but nothing that would be reverse of that. Computer is XP Pro
> SP2.
>
> Thanks!!

If you use the firewall in the Netgear router you can set a rule to
allow http and/or https to a specific IP address (your website) and
disallow everything else. You might want to allow a couple of others -
MS updates/AV updates etc.

The downside of this is that if your website has links to other
websites you need to include these as well or they won't work.

Brian