From: "Durbin, Jeff" <jdurbin@xxxxxxxxxxxxxxxxxxx> I just upgraded a customer's domain to AD, which, obviously, requires internal DNS for name resolution. So, all the computers on the network point to an internal server for DNS, which, in turn, will forward unresolved requests to the ISP's DNS servers. The problem I have stems from the fact that the administrator of the domain has been restricting Internet access by not allowing DNS resolution (i.e., no DNS servers specified on the workstations). Now that DNS is a requirement, the users all get Internet access, and they've gone crazy downloading porn. I realize that they are commercial products to control Internet access, but does anyone have any cheap/easy idea for solving the problem?
1) Administrative smackdown 2) Install filtering proxy server like squid 3) Put host files redirecting worst sites to 127.0.0.1 4) Block users at firewall 5) Use win2k built in port filtering to block port 80
Chris Berry compjma@xxxxxxxxxxx Systems Administrator JM Associates
******************************************************** This Week's Sponsor - RTO Software / TScale What's keeping you from getting more from your terminal servers? Did you know, in most cases, CPU Utilization IS NOT the single biggest constraint to scaling up?! Get this free white paper to understand the real constraints & how to overcome them. SAVE MONEY by scaling-up rather than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148 ********************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link.
