Block Websites Hosted On A Dynamic Address (Full Version)



zakfleming -> Block Websites Hosted On A Dynamic Address (16.Jul.2009 3:46:33 PM)

 
Hi,
 
I work in a school, some of the students are being crafty and hosting inappropriate content on their home computers. One example is one student hosted a proxy site a few weeks ago. We are using Websense to filter our traffic but there is nothing in there to block sites hosted on a dynamic IP.
 
I have blocked the URL of the proxy but the student can easily get past that by putting the Public IP address of the home connection.
 
So is there a way to block all Dynamic IP addresses and websites hosted on a dynamic address?
 
Thanks




pwindell -> RE: Block Websites Hosted On A Dynamic Address (17.Jul.2009 12:53:51 PM)

You can't.

The school has to deal with the brat "human to human".   If the school is not willing to do that,...then the war is over,...you lost,...let the brats do whatever they want.




zakfleming -> RE: Block Websites Hosted On A Dynamic Address (17.Jul.2009 1:58:35 PM)

He has been blocked from the internet and is being dealt with by the Senior Leadership Team. But how many other people has he told? It will be hard finding these people.




pwindell -> RE: Block Websites Hosted On A Dynamic Address (17.Jul.2009 2:14:36 PM)

I do feel for you.  
You can only block things when you know what they are and their identity doesn't keep changing.

One extreme solution is to only allow access to a list of approved sites, while leaving the whole entire Internet,... that isn't accounted for on the approved list,... blocked.  Now that doesn't mean you have to block all protocols,...you would only need to do that with HTTP and HTTPS.

Now there is one other thing I can think of. That is the use of Content Filters that actually open the HTTP packets and look at the content of the pages.  ISA is not flexible enough for that. You can try, but it will be a long and losing battle.  But there are third party products that operate as plugins for the ISA.   They may help. But I don't have any exact recommendations, I can only direct you here:

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx

One last thing that is free, and it still may not fix this one particular situation.  Use www.opendns.com .
You have to stop using your ISP for the public DNS and start using these guys.  As long as you have approached your DNS design properly (trust me, a lot of places have made a mess of theirs) then you just change the IP# used in the Forwarders List in the config on your local DNS Servers.
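
Added example, not part of the original thread and not ISA or Websense configuration: the approved-list approach for HTTP and HTTPS described above, sketched in Python, with requests to a bare IP address (the bypass from the first post) denied and reported per client. The domain list, the "client url" log format and the function names are assumptions, and the sample log lines are constructed.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed approved list (hypothetical names); anything else is denied.
APPROVED_DOMAINS = {"example-school.test", "library.example"}

def host_of(url):
    """Lowercased host of an HTTP(S) URL or CONNECT target, else None."""
    try:
        parts = urlsplit(url if "://" in url else "http://" + url)
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.rstrip(".")

def is_ip_literal(host):
    """True for IPv4/IPv6 literals and numeric hosts that browsers read as IPv4."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        last = host.rsplit(".", 1)[-1]
        return last.isdigit() or last.startswith("0x")

def decide(url):
    """Return (action, reason) under a deny-by-default policy."""
    host = host_of(url)
    if host is None:
        return ("deny", "unparseable")
    if is_ip_literal(host):
        return ("deny", "ip-literal")
    if any(host == d or host.endswith("." + d) for d in APPROVED_DOMAINS):
        return ("allow", "approved")
    return ("deny", "not-approved")

def ip_literal_clients(log_lines):
    """Map client address -> IP-literal URLs it requested (for follow-up)."""
    hits = {}
    for line in log_lines:
        client, url = line.split(None, 1)
        if decide(url.strip())[1] == "ip-literal":
            hits.setdefault(client, []).append(url.strip())
    return hits

# Constructed sample lines in the assumed "client url" format.
SAMPLE_LOG = ["10.0.5.21 http://www.example-school.test/homework",
              "10.0.5.21 http://203.0.113.7/", "10.0.7.40 198.51.100.23:443",
              "10.0.7.41 http://unlisted-site.test/"]
```

Calling `ip_literal_clients(SAMPLE_LOG)` returns the internal clients that requested a site by raw address, which is the list to hand over for the "human to human" follow-up.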




zakfleming -> RE: Block Websites Hosted On A Dynamic Address (17.Jul.2009 2:22:07 PM)

We used to use OpenDNS but had a few issues with an educational site.

It was a long shot, the only software that I know can do this is SmoothWall.



