blocking websites

fakie_flip · 08-31-2006, 11:02 PM

Is there any better way to block websites than using iptables? I would like to block all website's on the myspace server. I'd also like to block all instant messaging chatting from this computer. This computer is also running windows in VMware server, so I'd like to block myspace from being used from it too. If I use iptables to block myspace, it will block it from any web browser even if the web browser is IE6 running in VMware Server right? I got this ip using ping. How can I block all of it sending and coming to this computer?

Code:

ubuntu@ubuntu:~$ ping www.myspace.com
PING www.myspace.com (216.178.32.51) 56(84) bytes of data.
64 bytes from 216.178.32.51: icmp_seq=1 ttl=244 time=115 ms
64 bytes from 216.178.32.51: icmp_seq=2 ttl=244 time=156 ms

--- www.myspace.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1005ms
rtt min/avg/max/mdev = 115.457/136.140/156.823/20.683 ms
ubuntu@ubuntu:~$

isuck@linux · 08-31-2006, 11:05 PM

I believe you can include it in the host.deny file. It'll be completely banned.

fakie_flip · 08-31-2006, 11:22 PM

I tried adding the ip to /etc/hosts.deny. I wasn't able to block www.myspace.com. Have you tried it?

Electro · 09-01-2006, 04:21 AM

Set up a proxy server like squid. The hosts.deny in /etc is actually for services on the computer that you want to deny access from certain people. The program have to support tcpwrappers in order for /etc/hosts.deny to work.

isuck@linux · 09-01-2006, 08:17 AM

No, I haven't try it, I do my blocks in the firewall. Don't you have a firewall before your box?

fakie_flip · 09-01-2006, 09:45 AM

Quote:

Originally Posted by isuck@linux

No, I haven't try it, I do my blocks in the firewall. Don't you have a firewall before your box?

yes, iptables, but it's not very simple and user friendly, so i am asking for some help untill i get the hang of it. i figured out how to block myspace. this is how to do it.

Code:

echo "127.0.0.1  www.myspace.com" | sudo tee -a /etc/hosts

How can I block ports that specific programs use with servers on the internet? What is the iptables command to do that?

Electro · 09-01-2006, 04:27 PM

Again try using a proxy server like squid. You can block any site by its domain name (I think) and limit what content that a user can download. Setting up a web browser to use a proxy server is very easy.

Firestarter makes setting up IPTABLES a lot easier. There is also firewall builder.

fakie_flip · 09-02-2006, 07:57 PM

Why load a computer down with a proxy server for such a simple task? I'm using dialup, don't have a spare computer to put squid proxy server on, and setting up a web browser to use a proxy server may be easy, but setting up the proxy server could be very time consuming and not so easy. Is firewall builder a script? I'd like to use something besides firestarter. Thanks for the information.