blocking websites

Qiuli Han ivyharry at gmail.com
Fri Sep 1 18:10:30 UTC 2006 

my solution is
if u have the right to config your domain/lan's DNS server
then add a A record for that host u want!
in this case u can redirect the websites to want to block to
google.com or something like that.

On 9/1/06, Kristian Rink <kristian at zimmer428.net> wrote:
>
> Chris;
>
>
> Chris Lemire schrieb:
> > i have blocked myspace. here's how to do it.
> >
> > echo "127.0.0.1  www.myspace.com" | sudo tee -a /etc/hosts
>
>
> As soon as your user(s) discover(s) how to use an external HTTP proxy,
> this solution has reached its end. And probable he / she will try to
> find a way, seeing that myspace doesn't work on that machine all of a
> sudden. Actually, what do you intend to do by blocking myspace?
>
>
>
>
>
> > i dont believe the person is smart enough to use instant message from a
> > website, but if i need to, ill start blocking all those websites.
>
> No offense, but I think that's simply not the way. As a system
> administrator (and you are right that in this very solution), oppressing
> your users surely is not what you are supposed to do. What reasons are
> there to block users from using IM services on that very machine?
> Security concerns? The intention to keep users from simply doing things
> they're not supposed to?
>
>
>
>
>
> > logging in with the server for IM, so how can I block that? There should
> > be one command  to do it instead of installing squid and a bunch of
> > other software.
>
> It's not a matter of commands or software but first and foremost a
> matter of concept. If you made yourself clear about that, everything
> else will be just fine. To make yourself clear, start reading:
>
>
>
> http://iptables-tutorial.frozentux.net/
> http://www.networkcomputing.com/unixworld/tutorial/013/013.part2.html
> http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS/cHTML/TrinityOS-c-10.html
>
>
>
>
> The latter one is a little outdated but has some basic concepts
> explained very well, nevertheless.
>
>
>
> Some more basic thoughts on that idea: In any networked environment, no
> matter how small, if there are users there should be rules of behaviour,
> policies of use or something the like. And, then, there are two things:
>
>
> - Users should be informed about these very terms of usage, they should
>   know that access to network ressources has been blocked, and they
>   also should know for which reason this is happening.
>
> - A security concept should support but not necessarily enforce these
>   rules. A good way of doing so is to make up a firewalling concept and
>   use some soft- / hardware to get it implemented. Linux, iptables,
>   privoxy and friends are good tools that come in handy here, but they
>   won't keep you from (a) planning a secured environment and (b) knowing
>   how to implement it using the tools you are given.
>
>
> Sorry, this is nothing personal, but I just see too many network
> administrators right now restricting access to services, preventing
> people from communication and access to information, and that's not how
> things should be.
>
>
> Cheers,
> Kris
>
>
>
>
> --
> Kristian Rink *  http://zimmer428.net * jab: kawazu at jabber.ccc.de
> icq: 48874445 *  fon: ++49 176 2447 2771
> "One dreaming alone, it will be only a dream; many dreaming together
> is the beginning of a new reality." (Hundertwasser)
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>

More information about the ubuntu-users mailing list