[TriLUG] MAC-based web blocking
Josh Vickery
josh at vickeryj.com
Wed Sep 13 09:50:45 EDT 2006
Yes a managed switch would be easier and more flexible. But unmanaged
switches are really cheap, and there might even be a spare one lying
around. Also, I realized that I mistyped my original post. If its
just one host you don't need a switch at all, you could plug them
straight into the punishment box with a crossover cable.
On 9/13/06, OlsonE at aosa.army.mil <OlsonE at aosa.army.mil> wrote:
> What we used to do (at a previous company)...is we had two DHCP ranges.
> The first (default), was allowed NO internet access... and the latter,
> WAS allowed access, which was filtered.
>
> Repeat offenders got moved to the default DHCP range, until their
> manager / section head gave the "okay" to move to the other range.
>
> The only thing we really blocked was streaming media, mIRC, Kazaa,
> Limewire, eMule, eDonkey, etc, etc, etc.
>
>
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> Behalf Of Shawn William Taylor
> Sent: Wednesday, September 13, 2006 9:36 AM
> To: Triangle Linux Users Group discussion list
> Cc: Triangle Linux Users Group discussion list;
> trilug-bounces at trilug.org
> Subject: Re: [TriLUG] MAC-based web blocking
>
> If you are buying a switch, couldn't you buy a managed switch and just
> use that to solve the issue?
>
> Shawn
>
>
>
>
> "Josh Vickery" <josh at vickeryj.com>
> Sent by: trilug-bounces at trilug.org
> 09/13/2006 09:28 AM
> Please respond to
> Triangle Linux Users Group discussion list <trilug at trilug.org>
>
>
> To
> "Triangle Linux Users Group discussion list" <trilug at trilug.org>
> cc
>
> Subject
> Re: [TriLUG] MAC-based web blocking
>
>
>
>
>
>
> Well, if you don't have managed switches, you can do a RLAN ;) And by
> "RLAN" I mean, a real LAN. Physically run the perp's ethernet through
> a different switch, into a router/squid proxy that punishes him as you
> and your boss see fit. If you anticipate adding more people to this
> punishment zone, you could buy a switch to put in front of the
> router/squid proxy.
>
> On 9/13/06, Brian Henning <brian at strutmasters.com> wrote:
> > AAUGH! NO! BAD DAVE!
> >
> > RSA 1024-bit encrypted SMOKE SIGNALS!!
> >
> > Dave Sorenson wrote:
> > > AAUGH! NO, BAD IAN
> > >
> > >
> > > 2 Campbells soup cans and some string anyone?
> > >
> > > :-P
> > >
> > > Ian Kilgore wrote:
> > >> On Wed, Sep 13, 2006 at 07:40:00AM -0400, jason at monsterjam.org
> wrote:
> > >>
> > >>> bind?! you gotta be kidding..
> > >>> http://www.isc.org/index.pl?/sw/bind/bind-security.php
> > >>> next to sendmail, its been historically swiss cheese as far as
> > >>> security holes..
> > >>> If you feel the need to use software that needs to be updated
> every
> > >>> few months, knock yourself out.
> > >>>
> > >>> regards,
> > >>> Jason
> > >>>
> > >> AAUGH! NO, BAD JASON!
> > >>
> > >> /etc/hosts
> > >>
> > >>
> > >> (it's super secure!)
> > >>
> >
> > --
> > ----------------
> > Brian A. Henning
> > strutmasters.com
> > 336.597.2397x238
> > ----------------
> > --
> > TriLUG mailing list :
> http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ : http://trilug.org/faq/
> > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> >
> --
> TriLUG mailing list :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>
> --
> TriLUG mailing list :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>
More information about the TriLUG
mailing list