Limit browsing to 5 sites/block the rest of the web

[E Ortega]

Hi All,

I just got DSL services on a small office network (5 Pcs). I would like to
limit internet browsing to only 5 sites that we do business with and would
like to block-out the rest of the internet. Any ideas?

Thanks in advance.

Windows XP Pro SP2, Linksys router.

 

[Vanguard]

Hi All,

I just got DSL services on a small office network (5 Pcs). I would
like to limit internet browsing to only 5 sites that we do business
with and would like to block-out the rest of the internet. Any ideas?

Thanks in advance.

Windows XP Pro SP2, Linksys router.

Put a NAT router with firewall between your internal hosts and the DSL
modem to configure the URLs for the domains that you want to allow. You
could also use a gateway host running a firewall or get a firewall
appliance if you need more power, more rules, or more features than what
a NAT router's firewall provides. There are MANY Linksys routers, each
with varying features. You didn't mention WHICH one that YOU use. A
low-end D-Link NAT router has more firewall features than a low-end
Linksys NAT router, but maybe you have something more potent than the
LinkSys BEFSR41 entry-level NAT router.

 

[E Ortega]

Thank you. I have a Linksys WRT55AG router.

Put a NAT router with firewall between your internal hosts and the DSL
modem to configure the URLs for the domains that you want to allow. You
could also use a gateway host running a firewall or get a firewall
appliance if you need more power, more rules, or more features than what a
NAT router's firewall provides. There are MANY Linksys routers, each with
varying features. You didn't mention WHICH one that YOU use. A low-end
D-Link NAT router has more firewall features than a low-end Linksys NAT
router, but maybe you have something more potent than the LinkSys BEFSR41
entry-level NAT router.

 

[Vanguard]

Thank you. I have a Linksys WRT55AG router.

I went to
http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=664 and
clicked on the link for the User Guide to see what firewall features it
had. It looks to have the basic-only crappy firewall in it that the
wired BEFSR41 has; i.e., it incorporates a protective firewall but not a
configurable one. You'll need to run your local network through a
gateway host so you can run a firewall program on it, or use a much more
configurable firewall appliance, that provide for URL or domain
filtering (either as blacklisting, whitelisting, or both). Else, you
are stuck with installing a firewall with similar features on each host
but which can be configured to only let an admin login to the firewall
to configure it, or use some other censorware product with similar
admin-protected features so the users cannot alter to which sites they
can visit.

My D-Link DI-604 at half the price had more firewall configurability
than the Linksys BEFSR41 that replaced it. Memory was limited so you
could define more than 10 filters to block or 10 others to allow but you
had some configurability. When I got the Linksys NAT router, I had to
define several filter rules back in my software firewall running on my
host that I used to define in the NAT router (for all local hosts
connected to it). Linksys builds routers with NAT but their firewall
feature set is very minimal.

 

[Leythos]

It looks to have the basic-only crappy firewall in it that the
wired BEFSR41 has; i.e., it incorporates a protective firewall but not a
configurable one.

The Linksys NAT routers DO NOT CONTAIN ANY FIREWALL - they do NAT, which
is not a firewall function, it's a basic routing function which is being
marketed to the ignorant as a Firewall function.

 

[E Ortega]

Thanks again for your help. I guess I'll have to get a better appliance.

 

[Kerry Brown]

Hi All,

I just got DSL services on a small office network (5 Pcs). I would like to
limit internet browsing to only 5 sites that we do business with and would
like to block-out the rest of the internet. Any ideas?

Thanks in advance.

Windows XP Pro SP2, Linksys router.

I can think of a few things to investigate. I haven't tried them so I'm not
sure if they'll work. If the pc's are all using XP Pro you could use group
policies to set the security level to trusted sites and add the sites to the
trusted sites list. You could also try using the host file with all traffic
directed to 127.0.0.1 except for the domains in question. Instead of
upgrading your router you could install a Linux box with a DNS server that
only resolved the wanted sites and point all your pc's to this server. The
best solution would probably be some software to implement this. A google
search found the following: http://www.codework.com/bcontrol/product.html

There are many possible solutions.

Kerry