Windows server 2003 question

Status
Not open for further replies.
C

canooten

In Runtime
Messages
276
Please bear with me as I'm pretty much a noob to Windows Server.

My wife's company (small local business) has had me do some of their PC and network maintenance over the years, which was easy since they used to have a simple network setup.
Recently they had a company install a Windows Server and now have all of the client machines running through this server. All employees have an individual login they use on whatever machine they happen to be at. 95% of their programs now run off of the server (a couple of machines have local programs installed, such as my wife and other managers).
They've had an issue lately with one employee spending way too much work time keeping up with his ebay auctions and the office manager asked me if ebay could be blocked. I've checked their router and individaul URL blocking or filtering is not available, so short of a software firewall, it looks like the Win03 server is the next place to try.
I know the best route would be to reprimand the employee and just tell him to cut it out, but that's not my issue. I'm just trying to help them out.

Again, I'm pretty green with the whole Windows server/client setup. I understand the concept, but not the specific setup they have. Is URL blocking an option with this setup? Can it be done by user or would it have to be system wide?

Any instructions would be great.
 
You can use DNS, if you have it installed. I'll get back to you when I get home on how to do it since I'm at class, I have 2003 on my machine at home.

There are other options too like proxy server, but if you need to buy more hardware or software I don't recommend it. It's just more money to spend.
 
Thanks for the reply. Just let me know what to look for on the machine. I've browsed it a few times, but I'm not compeltey sure what's installed on it.
 
Forget what I said about the DNS thing, I was trying to figure it out myself but couldn't remember. Have to ask my instructor how he did it. But he's no where to be found...

Heres another way. Computer when accessing the internet will first attempt to look in the host file before they request DNS to get to the webpage. So you are going to edit his host file on his machine. Of course when he's not there you will log on his machine with administrator power then you will go to the windows\system32\driver\etc. Open the host file with notepad and enter these setting below the
127.0.0.1 localhost

127.0.0.1 ebay.com
127.0.0.1 www.ebay.com
127.0.0.1 www.ebay.ie
127.0.0.1 www.motors.ebay.com
127.0.0.1 www.ebay.ca
127.0.0.1 www.ebay.co.uk
127.0.0.1 www.half.ebay.com
127.0.0.1 hub.ebay.com
127.0.0.1 computers.ebay.com
127.0.0.1 www.ebay.com.au
 
Then after click save, and exit out. Now open up command prompt and do ipconfig /flushdns

These setting will block the ebay website. If you want to block more ebay website just google ebay. Google will list all ebay web pages, all you have to do is enter the url into the host file and do the ipconfig /flushdns and you'll be golden. This method is cheap and pretty much don' cost you any $.
 
The best way to block the website is probably by using a proxy server, such as Squid, or SquidGuard. From there you just define the domains or words you want to block.

Although I haven't done this, you could also in theory put in an entry for eBay in your DNS server that points somewhere else.

Editing the local user's host file is not always a sure fix, because it is not always reliably maintained, stored, or managed. If you don't have the user's individual session(s) locked down, they can easily go dork around with their host file and just remove your edits.
 
"Although I haven't done this, you could also in theory put in an entry for eBay in your DNS server that points somewhere else."

That's what I've been trying to do, but can't figure it out. I know you just redirect the domain ebay.com to the loopback address, but can't figure where I would put it. Blah...I'll just ask my instructor later.
 
The problem with editing the HOST file is that it only affect that machine, so if he goes to another machine he can access ebay. The best way is with the DNS server, this will block all computer if you want from accessing ebay, but what if some people wants to access ebay and you only want to restrict him. Then you'll probably need proxy server that you can configure, but this is all additional cost to your network. The HOST file is a no cost method. Of course you do it without him knowing, and if he's computer illiterate he won't even know how to fix the problem. Make sure his account don't have permission to edit any files on the windows folder. That's all you need to restrict him from changing it.
 
How would I go about editing the DNS to block access? The guy seems to be fairly literate, so might figure out what was changed or find a way around it.

I'll have to see what kind of rights users are granted....seems that all accounts are set up as power users (in the server anyway), so that probably grants them enough priviledges to make changes to the Windows directory (not 100% sure about that).

I may make the host changes on any machines he has access to and see what happens there.

Any other suggestions?
 
PowerUser do not have permission to edit the HOST file. I will get back to you on that DNS thing as soon as I can find my instructor or find it off google. Might take a few days.
 
Status
Not open for further replies.

Similar threads

bL4cKh4T
windows not allowing any type of connection
Replies
0
Views
360
bL4cKh4T
bL4cKh4T
ikonix360
Windows upgrade question
2
Replies
19
Views
2K
camilasaunder89
C
XWrench3
removing windows??
Replies
3
Views
771
Joe C
Joe C
R
windows upgrade nightmare (dell laptop from home to pro win11)
Replies
8
Views
1K
camilasaunder89
C
R
Help for my homelab
Replies
1
Views
586
PP Mguire
PP Mguire
Back
Top Bottom