General discussion

Locked

Prevent Intranet Access

By /L ·
Hello,

We hold software training sessions for customers and would like to prevent the users from accessing the company's intranet site but not prevent Internet access as they may want to check emails etc. We have firewall software, use IIS4.0 anda couple of web servers that run on NT and Unix. I have found lots of ways to prevent Internet access.
Any ideas greatly appreciated.

Thanks

Lisa

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Prevent Intranet Access

by CyberGod In reply to Prevent Intranet Access

If you want to prevetn access only to the web site of your intranet then you should point the appropriate port (80) in the firewall.
If it is a ipchains you should write something like:
-A input -s 0.0.0.0/0 -d webipaddress/32 80 -p 6 -j DENY
If your firewall is other than ipchain the idea is the same.

Collapse -

Prevent Intranet Access

by /L In reply to Prevent Intranet Access

A little vague but thanks for taking the time to reply.

Collapse -

Prevent Intranet Access

by dlw6 In reply to Prevent Intranet Access

Depending on the topology of the network, you might find either of these useful:

If there's a router between the classroom LAN and the company intranet server, you can block all traffic with an originating address in the classroom subnet and destination address of the intranet server's subnet.

Your intranet server may have a feature to limit incoming connections (most do). In this case, you can tell it to deny HTTP and HTTPS requests originating from the classroom subnet.

FWIW, I've known some instructors who simply pull the plug on their classroom's router while they were lecturing, so the students would pay attention. Clearly, that approach depends on what the students need to do during the class.

Good fortune,
Don

Collapse -

Prevent Intranet Access

by /L In reply to Prevent Intranet Access

THis is a good solution but we don't have the resources to put it into place - good plan for future development.

Thanks

Collapse -

Prevent Intranet Access

by madcateast In reply to Prevent Intranet Access

By using Group Policies you can segregate workers and students. The student group is only allowed access to the ?class_room? folders and as I read your question outside networks. You can use a generic login for the class to keep it simple and not have to add entries for each new class.

Collapse -

Prevent Intranet Access

by /L In reply to Prevent Intranet Access

I thought of this but the PCs have W2K and the policies are slightly different - they don't allow users and groups. Thanks for the suggestions

Collapse -

Prevent Intranet Access

by oskiller In reply to Prevent Intranet Access

I would do these things for quick "stoppage":

1 - block it at the firewall. You should be able to restrict it there.

2 - set up a false DNS entry for the server in an LMHOSTS file so when they try and access it by name it will not resolve.

Collapse -

Prevent Intranet Access

by /L In reply to Prevent Intranet Access

thanks for taking the time to reply

Collapse -

Prevent Intranet Access

by /L In reply to Prevent Intranet Access

This question was closed by the author

Back to Security Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums