The quickest & dirtiest method I can think of is to use firewall rules (policies, actually) to prevent traffic to/from everywhere except for those few sites. This is easy if there are only 2-3 (or let's say less than 10) ip addresses, but if there are more then you might want to do something else. Also this is probably a lot more effective than using some userlevel program, because the firewall which hopefully works on lower level effectively prevents all kind of traffic except what you want to pass.
So, for example with iptables you'd set the input/output/forward policies to drop and then add some rules to allow traffic to and from the few ip addresses of those sites you want to grant access to.
EDIT: note that if one of those sites included a way to show content from other sites, I'm not sure this works. Or said the other way around, there may be holes in this method 
but the good thing is that (at least if the system is configured in a sane way) only administrator can control the firewall, so it's not easy to directly break the rules.
