Re: block internet at two workstations

• Previous message: Ryan Macfarlane: "RE: PHP and remote execution"
• Maybe in reply to: Tim Laureska: "block internet at two workstations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 12 May 2003 11:13:24 -0500 (CDT)
To: security-basics@securityfocus.com

There's really no reason to try it-- the 'http://' part of a URL is just a
protocol identifier, not a hostname. The HOSTS file is concerned only
with hostnames, not with protocols (it more or less works on the
network layer, not the application layer). Additionally, in most host
files, the IP is listed first, then the hostname.

You can test this by adding
  127.0.0.1 www.microsoft.com
to your HOSTS, then trying 'ping -a www.microsoft.com'. You'll see that
even with ping, the hostname www.microsoft.com resolves to 127.0.0.1.

Alaric

On 5/07/2003, Remington Winters <fyreguy@rivetgeek.com> wrote:

>Havent tested this but you might try adding a line to the host file that
>says
>
> http:// 127.0.0.1
>
>In theory that should direct them to their own machine for any http query
in
>a browser. Just make sure the user doesnt have access to edit that file.
>Or, you could simply remove IE....

>> -----Original Message-----
>> From: Tim Laureska [mailto:hometeam@goeaston.net]
>> Sent: Tuesday, May 06, 2003 6:01 AM
>> To: security-basics
>> Subject: block internet at two workstations
>>
>>
>> I'm working with a small (10 user network) with a netgear FVS318
>> firewall, accessing the internet via cable modem.. The client wants to
>> block internet access at two workstations. I don't see anything
>> available within the firewall documentation/configuration that would
>> address this. What is the best and easiest way to do this ...easy and
>> best may be a contradiction :-)
>>
>> TIA
>> Tim

---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes: Security +, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------

• Previous message: Ryan Macfarlane: "RE: PHP and remote execution"
• Maybe in reply to: Tim Laureska: "block internet at two workstations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Sendmail.cf modifications for local mail without going to internet ... # basic textual canonicalization -- note lack of RFC733 heuristic here ... # next two lines only gen'd if have aliases for all and $N isn't LOCAL ... # Fake hosts in my domain ... # (we pull off the local hostname in all cases, ... (comp.mail.sendmail) Brainstorming needed: impact of changing hostname ... Our management has raised that the current naming convention ... of our servers would reveal the organisation name and OS type ... is this truly a security threat among IT security circle ... hostname (across different Solaris versions; ... (SunManagers) Re: A problem with "hosts" file: hostnames with dots are not being resolved ... When I include the following two entries into my "hosts" file ... but the second hostname isn't. ... Instead of the website you're using, I suggest to use OEx (Outlook Express ... (microsoft.public.win2000.dns) RE: HTTP request working via hostname but not via IP address ... Sometimes you can get the hostname return the correct IP, ... Concerned about Web Application Security? ... Download FREE whitepaper on how a managed service ... Download FREE whitepaper on how a managed service can ... (Pen-Test) Re: [SLE] SMTP and incomming mail -- PROBLEMS?? ... Hosts is only used as a DNS replacement. ... What you suggest should have no effect on incomming smtp. ... As far as HOSTNAME, I think, someone correct me if I am wrong, that since I ... > Check the headers for your unsubscription address ... (SuSE)