[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: firewall url filter

roland wrote:

I have a network with a fedora-server and several workstations-Vista Microsoft (client doesn't want any linux pc's). The users are connected to the internet via a router Lancom.

The client wants to prevent users to connect to sex sites.

Can I use the fedora-box as a firewall, filtering several url's or filtering several keywords?

You can filter all you want and some will get through. Alternatively you can just log all http SYN packets and tell people explicitly that they may have to justify access to any site they visit, or justify using a redirector, etc. That worked quite well at a few places of which I'm aware, it tends to block a lot more than porn, also social sites, etc. You can also log the size of downloads, even using https they have size.

It's a hard call between free access, security, and avoiding paying people for their hobbies. Some places only log during business hours, but have a policy about unannounced scans of business computers.

Bill Davidsen <davidsen tmr com>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]