Block certian users from accessing certian domains\IP adress

  • Thread starter Thread starter harryguy082589
  • Start date Start date
H

harryguy082589

Hi,

Can anybody suggest a way to prevent certian users form acessing
certian domains\IP adresses?

Normaly i'd use the HOSTS file, but since i olny want to block them for
one user i can't. Using IE settins won't work because the user will
just use a different browser, and makeing a proxy just seems excessive.

Thanks in advance,

dan
 
If the user can install a different browser then it sounds like they are
also local administrators that could make any attempts to restrict them
futile. If there is a way to not let them be local administrators or power
users then maybe a third party program like Cyber Sitter would be worth a
try. Configuring proxy settings works OK if you plan to block everything
and then define the allowed websites and IP addresses and you can block
their access to be able to configure proxy settings. Hosts file will not
stop the user from directly entering IP addresses in the address bar to try
and gain access. The free Microsoft Shared Computer Toolkit may also be
something to look at depending on how much you want to lock down the
user. --- Steve

http://www.cybersitter.com/cybinfo.htm --- Cyber Sitter
http://www.microsoft.com/windowsxp/sharedaccess/default.mspx --- Shared
Computer Toolkit
 
I dowloaded shared toolkit, it helped me elimnate some other problems i
was having, but didn't help with the internet

I also dowloaded a Cyber Sitter, but i couldn't find a way to easily
restrict olny certian windows xp users

Any sugestions for other ideas or programs?
 
Portslock may be able to some of what you want to do though I doubt it can
block by domain name - only IP address for ports used for the internet and
can have different firewall rules for different users. I know that Microsoft
ISA 2004 can do what you want [user/group based access lists] but I believe
it is around $1500 and the cost of a server operating system and a computer
to install it on to act as the gateway. You can try it for free
wever. --- Steve

http://www.portslock.com/
 
There is a registry tweak that allows you to control what .exe's a user can
and can not
execute. I'm sorry i dont remember the specifics anymore, just that's it's
possible.
You can use the tweak combined with IE's settings.


While it maybe a pain to make entries for every file you what to allow to
run,
It's worth it, if you feel you can't trust a user to be a responsible
computer user
and to follow the rules.
 
Back
Top