|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
02-08-2009
| #1 (permalink) |
| | Re: Good content blocker/site blocker for Vista workstation? "Leythos" <spam999free@xxxxxx> wrote in message news:MPG.23f8ef7d4f91e1b79898e9@xxxxxx Quote: > In article <6v8ko8Finp8oU3@xxxxxx>, dan@xxxxxx says... Quote: >> on 2/8/09 7:49 AM Leythos said the following: Quote: >> > In article <O0wk7tXiJHA.996@xxxxxx>, >> > erratic@xxxxxx says... >> >> Can you control the laptop's DNS lookups? Not the hosts file, >> >> but the primary and secondary servers? Just thinking out loud >> >> here, but a proxy DNS could function as a whitelist couldn't it? >> > >> > At this time the laptop is uncontrolled, not part of a domain, and the >> > laptop is used at homes as well as their construction trailer where >> > there is just a ATT wireless DSL setup. While they remote into the >> > Terminal Server they have found many times when people are surfing the >> > net and doing questionable things online - there is no real firewall >> > appliance and it's just an off-the-shelf (cheap) Vista laptop with no >> > important files stored on it. >> > >> > At this time the DSL assigns 192.168 addresses and we have no real >> > option to install a firewall or other hardware at this location. >> > >> So you have a WiFi router and the laptop connects to it via WiFi? Or >> you have a 3G card for the laptop? > Could be both, as the user can move from network to any other network, > depending on if they are at home or at the office or at a WiFi spot, > etc... > > This has to be a solution that works at the laptop, no hardware > permitted. if anyone has written such a thing - or if it is even feasible. If an AV can proxy/filter outgoing SMTP why can't a program proxy/filter outgoing DNS requests and onlylet certian ones through. |
My System Specs |
|
02-08-2009
| #2 (permalink) |
| | Re: Good content blocker/site blocker for Vista workstation? on 2/8/09 12:33 PM Leythos said the following: Quote: > In article <6v8ko8Finp8oU3@xxxxxx>, dan@xxxxxx says... Quote: >> on 2/8/09 7:49 AM Leythos said the following: Quote: >>> In article <O0wk7tXiJHA.996@xxxxxx>, >>> erratic@xxxxxx says... >>>> Can you control the laptop's DNS lookups? Not the hosts file, >>>> but the primary and secondary servers? Just thinking out loud >>>> here, but a proxy DNS could function as a whitelist couldn't it? >>> At this time the laptop is uncontrolled, not part of a domain, and the >>> laptop is used at homes as well as their construction trailer where >>> there is just a ATT wireless DSL setup. While they remote into the >>> Terminal Server they have found many times when people are surfing the >>> net and doing questionable things online - there is no real firewall >>> appliance and it's just an off-the-shelf (cheap) Vista laptop with no >>> important files stored on it. >>> >>> At this time the DSL assigns 192.168 addresses and we have no real >>> option to install a firewall or other hardware at this location. >>> >> you have a 3G card for the laptop? > Could be both, as the user can move from network to any other network, > depending on if they are at home or at the office or at a WiFi spot, > etc... > > This has to be a solution that works at the laptop, no hardware > permitted. > whitelist. Do not allow user to modify netnanny or install/config other software. |
| My System Specs |
|
02-09-2009
| #3 (permalink) |
| | Re: Good content blocker/site blocker for Vista workstation? In article <gmodtp$257$1@xxxxxx>, V@xxxxxx says... Quote: > I've heard of some censorware, like NetNanny, but never used any. > However, getting back to OpenDNS, you don't have to install any software > to use OpenDNS and you can use it no matter to whose network you happen > to connect at the time. You configure the TCP parameters to use the > OpenDNS server. Whether at someone's home, in the construction trailer, > while travelling, or wherever, that laptop will still be using the > OpenDNS server to resolve IP name-to-address lookups. Because the > laptop will likely be getting a dynamic IP address from whomever's DHCP > server is available on the current network, you need to use a DNS > reporter client on the laptop to tell your OpenDNS account what is your > current IP address. Then when you connect using that IP address, > OpenDNS knows to apply your account's settings to your network traffic. > Obviously the abusive employees must be using a limited user account so > they cannot alter the TCP setup (to revert to DHCP-assigned DNS servers > and get away from using the OpenDNS servers). Since you're talking > about Windows Vista, again, no software install is needed. Just create > a limited user account (LUA) that all the non-admin users must share (or > give them each their own LUA account). clients, but it was a concern that they could stop the client and still surf or other method. Not having used the client, I wasn't sure how it would work if they didn't run it - I would assume that the DNS would fail if the client wasn't running, at least I would hope so. Quote: > Of course, if the company were really interested in controlling what > their employees do with the company's property, like the laptop, then > they should establish policies and enforce them. To that end, and since > it is the company's property, they could install monitoring software to > see just where their employees are visiting on the Net. I've heard of > SpectorSoft as one vendor of spy software (never used it, though). already completed the solution, but they have several issues and are moving and etc.... They don't want to "Monitor" them, just block all except approved sites. Thanks for the discussion - I think that NetNanny may be the route to take this one. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@xxxxxx (remove 999 for proper email address) |
| My System Specs |
|
02-09-2009
| #4 (permalink) |
| | Re: Good content blocker/site blocker for Vista workstation? In article <6v9fqrFipgk7U1@xxxxxx>, dan@xxxxxx says... Quote: > use http://www.netnanny.com/products/netnanny and then set up a > whitelist. Do not allow user to modify netnanny or install/config other > software. > -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@xxxxxx (remove 999 for proper email address) |
| My System Specs |
|
02-09-2009
| #5 (permalink) |
| | Re: Good content blocker/site blocker for Vista workstation? On Mon, 9 Feb 2009 06:23:08 -0500, Leythos wrote: Quote: > If the company was able to put money into this project I would have > already completed the solution, but they have several issues and are > moving and etc.... They don't want to "Monitor" them, just block all > except approved sites. > > Thanks for the discussion - I think that NetNanny may be the route to > take this one. and config it, then when they see the limitations, issues and potential annoyances, be ready to give them a more professional solution. -- Meet Ari! http://tr.im/1fa3 "To get concrete results, you have to be confrontational". |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Re: Good content blocker/site blocker for Vista workstation? | Vista security | |||
| RE: pop up blocker | Vista General | |||
| pop up blocker | Vista performance & maintenance | |||
| MS - Pop up Blocker | Vista General | |||
