firewall url filter
Bruno Wolff III
bruno at wolff.to
Thu Jan 22 17:29:55 UTC 2009
On Thu, Jan 22, 2009 at 09:39:45 -0700,
Robin Laing <Robin.Laing at drdc-rddc.gc.ca> wrote:
>
> What about a combination of what other people are saying and a DNS
> server that has a blacklist filter in it?
>
> That way all the blacklisted URL's are then stopped.
>
> http://www.linux.org/docs/ldp/howto/Spam-Filtering-for-MX/dnschecks.html
If you think people might be actively trying to get around this (as opposed
to trying to help your employees not see stuff that they don't want to see)
you need to worry about some other things.
You probably want the firewall to block dns requests other than to this
resolver.
And you might also want to block the IP addresses corresponding to those A
records so that people don't get around the DNS block. This can cause problems
if there is both needed content and banned content available at the same IP
address.
More information about the fedora-list
mailing list