Re: blocking websites
- From: Kristian Rink <kristian@xxxxxxxxxxxxx>
- Date: Fri, 01 Sep 2006 18:12:04 +0200
Chris;
Chris Lemire schrieb:
i have blocked myspace. here's how to do it.
echo "127.0.0.1 www.myspace.com" | sudo tee -a /etc/hosts
As soon as your user(s) discover(s) how to use an external HTTP proxy,
this solution has reached its end. And probable he / she will try to
find a way, seeing that myspace doesn't work on that machine all of a
sudden. Actually, what do you intend to do by blocking myspace?
i dont believe the person is smart enough to use instant message from a
website, but if i need to, ill start blocking all those websites.
No offense, but I think that's simply not the way. As a system
administrator (and you are right that in this very solution), oppressing
your users surely is not what you are supposed to do. What reasons are
there to block users from using IM services on that very machine?
Security concerns? The intention to keep users from simply doing things
they're not supposed to?
logging in with the server for IM, so how can I block that? There should
be one command to do it instead of installing squid and a bunch of
other software.
It's not a matter of commands or software but first and foremost a
matter of concept. If you made yourself clear about that, everything
else will be just fine. To make yourself clear, start reading:
http://iptables-tutorial.frozentux.net/
http://www.networkcomputing.com/unixworld/tutorial/013/013.part2.html
http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS/cHTML/TrinityOS-c-10.html
The latter one is a little outdated but has some basic concepts
explained very well, nevertheless.
Some more basic thoughts on that idea: In any networked environment, no
matter how small, if there are users there should be rules of behaviour,
policies of use or something the like. And, then, there are two things:
- Users should be informed about these very terms of usage, they should
know that access to network ressources has been blocked, and they
also should know for which reason this is happening.
- A security concept should support but not necessarily enforce these
rules. A good way of doing so is to make up a firewalling concept and
use some soft- / hardware to get it implemented. Linux, iptables,
privoxy and friends are good tools that come in handy here, but they
won't keep you from (a) planning a secured environment and (b) knowing
how to implement it using the tools you are given.
Sorry, this is nothing personal, but I just see too many network
administrators right now restricting access to services, preventing
people from communication and access to information, and that's not how
things should be.
Cheers,
Kris
--
Kristian Rink * http://zimmer428.net * jab: kawazu@xxxxxxxxxxxxx
icq: 48874445 * fon: ++49 176 2447 2771
"One dreaming alone, it will be only a dream; many dreaming together
is the beginning of a new reality." (Hundertwasser)
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
- Follow-Ups:
- Re: blocking websites
- From: Qiuli Han
- Re: blocking websites
- References:
- blocking websites
- From: Chris Lemire
- Re: blocking websites
- From: Gabriel M Dragffy
- Re: blocking websites
- From: Chris Lemire
- blocking websites
- Prev by Date: weird vmware problem on Dapper
- Next by Date: RE: weird vmware problem on Dapper
- Previous by thread: Re: blocking websites
- Next by thread: Re: blocking websites
- Index(es):
Relevant Pages
|
