Go Back   Steam Users' Forums > Steam Discussions > Hardware and Operating Systems

Reply
 
Thread Tools Display Modes
Old 01-18-2011, 08:34 AM   #1
Masterclown
 
Join Date: Nov 2004
Reputation: 6693
Posts: 1,995
Can I use a HOST file to ALLOW only a handful of website?

The normal hack of the HOST file is to block a certain group of sites, but I'd like to do the opposite.

For example, I want to set up a somewhat public machine in a store that customers can use. They are allowed to browse to ONLY the following four sites:

abc.com
123.com
xyz.com
999.com

If they attempt to go to any other site, they can just get a 404 error.

Can this be done? Should I use a wild card to route all requests to 127.0.0.1, and then add a list of allowed sites beyond that?
Masterclown is offline  
Reply With Quote
Old 01-18-2011, 08:43 AM   #2
damaged
 
Join Date: Jul 2008
Reputation: 8637
Posts: 7,265
No, not with a hosts file (unless you are prepared to put in every single host that exists, sans the ones you want, and map them ALL to 127.0.0.1), what you might want to look into is OpenDNS, then set your router (or the PC if you don't want the rest of the network to use it), then filter everything, then whitelist the ones you want to let through, or in windows (or your router) you can create a null route to drop everything, then add routes specifically to those ips, or, you can setup windows (or other) firewall to also filter everything except those you whitelist, or, you may be able to do this with policy editor and IE zones (but they can use a different browser to bypass so be careful) or you can use 3rd party "web blocker" software, like dansguardian/squid (linux) or one of them kiddy-filter programs for windows.

Last edited by damaged: 01-18-2011 at 08:49 AM.
damaged is offline   Reply With Quote
Old 01-18-2011, 08:54 AM   #3
Monster_user
 
Join Date: Nov 2006
Reputation: 170
Posts: 1,107
I've searched for some Whitelisting information, and it looks as if you will have trouble with DNS. Not sure if it is in regards to typing "abc.com", or the cache keeping the old settings in place.

I'm not sure about DHCP either, there seemed to be a few concerns, but I'm not sure what.

Google Search: Host File Whitelist

They will not get a 404 error. 404 means you can get to the site, but there is nothing there. A different error will display.

There is also this article, which is a more recommended method. This uses the Windows policies to restrict access to a specific whitelist.
http://www.ehow.com/how_5078719_bloc...xcept-one.html
Monster_user is offline   Reply With Quote
Old 01-18-2011, 08:56 AM   #4
damaged
 
Join Date: Jul 2008
Reputation: 8637
Posts: 7,265
Quote:
Originally Posted by Monster_user View Post
I've searched for some Whitelisting information, and it looks as if you will have trouble with DNS. Not sure if it is in regards to typing "abc.com", or the cache keeping the old settings in place.

I'm not sure about DHCP either, there seemed to be a few concerns, but I'm not sure what.

Google Search: Host File Whitelist

They will not get a 404 error. 404 means you can get to the site, but there is nothing there. A different error will display.

There is also this article, which is a more recommended method. This uses the Windows policies to restrict access to a specific whitelist.
http://www.ehow.com/how_5078719_bloc...xcept-one.html
I forgot all about Vista/7's built-in parental controls, good catch.
damaged is offline   Reply With Quote
Old 01-18-2011, 09:10 AM   #5
Masterclown
 
Join Date: Nov 2004
Reputation: 6693
Posts: 1,995
Thanks, unfortunately the PC's I have to use only have XP.

After googling around, the idea of setting up a whitelist for what amounts to kiosk browsing is a bit more involved than I thought. Thanks anyway.
Masterclown is offline   Reply With Quote
Old 01-18-2011, 05:19 PM   #6
dosbox
 
Join Date: Mar 2005
Reputation: 2726
Posts: 8,346
As damaged said, register for an OpenDNS account and configure your router to use OpenDNS servers instead of your ISP's DNS servers. You can then configure a whitelist on OpenDNS: http://www.opendns.com/support/category/24
dosbox is offline   Reply With Quote
Old 01-18-2011, 10:57 PM   #7
Mangr0v3
 
 
 
Join Date: Sep 2008
Reputation: 4313
Posts: 13,608
If you have a box you can spare (or running linux anyway), iptables + squid3.

Edit: And make sure you don't accidentally block Windows Update or anything else you need in the background.
Mangr0v3 is offline   Reply With Quote
Old 01-19-2011, 12:07 AM   #8
KameZero
 
Join Date: Nov 2009
Reputation: 28
Posts: 83
Actually, this should be possible if I remember correctly. I BELIEVE hosts files work top down. So, say, you wanted to allow google.com but nothing else you could have google first followed by making everything else resolve to 0.0.0.0. Blocking everything else would basically be making pretty much all TLD's resolve to 0.0.0.0, including countries there's only about.... 3-4 hundred....

Hrm, this would be a lot simpler if it was a linux box.
KameZero is offline   Reply With Quote
Reply

Go Back   Steam Users' Forums > Steam Discussions > Hardware and Operating Systems


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -7. The time now is 07:41 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site Content Copyright Valve Corporation 1998-2014, All Rights Reserved.