Hello -
I want to know how to block specfic domains and AIM on a home network.
I want to be able to turn the access to these domains on and off. My
wife and I want the ability to limit AIM use when the kids need to
focus on HW and also to blocks some specific sites that we are
concerned about, but still want our kids to be able to use the web.
The home network is a 2Wire gateway 2700SG with DSL service from SBC
(link to specs is http://www.2wire.com/pages/pdfs/8.pdf). The PCs
that we want to have control over are two desktop systems that have
Belkin PCI wireless cards running 802.11G.
We want to be able to turn the blocking on and off without a lot of
trouble. Ideal is to be able to do this via the management interface
of the gateway.
thank you.
thesteggy |
Clarification of Question by
thesteggy-ga
on
20 Oct 2005 18:13 PDT
clarification: the only connection the two desktop computers have to
the gateway is wireless, via the Belkin cards.
|
Request for Question Clarification by
sublime1-ga
on
20 Oct 2005 21:44 PDT
thesteggy...
I'm going to suggest an alternate method which requires the
modification of a special file called the HOSTS file. You
would need to modify this file on both computers, and, as
noted at the end of the following, you can use a simple
batch file to turn the blocking off and on, simply by
clicking on a shortcut to it.
The HOSTS file
The HOSTS file is a little-known Windows file which normally
does nothing, since the content is minimal by default, that
being:
127.0.0.1 localhost
That entry just points to your computer and identifies it
as localhost.
But additional entries can be made to this file that amount
to Windows wizardry!
The file is typically located here, in W2000 & XP:
C:\WINNT[or Windows]\system32\drivers\etc
It has no extension, but your can rename it HOSTS.txt
and open it with Notepad to see that it is a text file.
Entries can be added on a custom basis. These entries
will point specified addresses to your computer, rather
than to your DNS server, so that, instead of looking for
the files on the web, your browser will look for them on
your PC. Since they don't exist there, they won't be
found and loaded. In this way, you can effectively block
certain sites from ever being loaded in your browser.
Many people use the file to prevent known advertising
servers and malicious sites from having access to your
browser. There are many sites which post replacement
HOSTS files to use in place of the default one.
Different sites focus on different content. You can find
sites that block porn sites, sites that block ads from
loading in your browser, sites that are known to be
malicious, and combinations of all of these.
Since there are hundreds of sites of all these types, the
number of entries in the HOSTS file can cause it to become
much larger. If the file is too large, it will slow the
speed of your browser's loading things, so some authors
of HOSTS files take this into account, and use it to
redirect only the most malicious sites and ubiquitous
advertisers.
The following page on the MS Most Valuable Professionals
site, offers the best compromise and supporting information
I've found for the HOSTS file:
http://www.mvps.org/winhelp2002/hosts.htm
You can download the one they provide and use it to
replace the default one (after renaming it). You can
then also lock the file, by right-clicking on it,
selecting Properties and checking Read-only. This will
prevent trojans and other hijackers from writing to
it, which can cause some major problems.
The MVPs page also offer a batch file utility which allows
you to temporarily turn off protection by renaming the file.
If you'd rather not utilize the specialized entries that
are included in the HOSTS file offered by MVPS.org you
can modify the one on your computer to simply block
specific sites, or you can add these modifications to
the file they provide.
Here's the contents of the default file:
--------------------------------------------------------
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
--------------------------------------------------------
The # symbol prevents the contents of a line from having any
effect on the function of the file, which allows the author
to insert explanatory comments.
To block AOL, e.g, you would simply insert a line saying:
127.0.0.1 www.aol.com
Add this line right under the localhost entry or a line or
two further down:
127.0.0.1 localhost
127.0.0.1 www.aol.com
On the internet, AIM has various URLs containing aim.com
so to block that, you could use:
127.0.0.1 aim.com
I'm not positive this would block the AIM program which
doesn't use the browser, but I think it might. You'll
have to test it and see.
Once you're done modifying the HOSTS file, save it and
remember to rename it without an extension, so if you
were editing it by naming it HOSTS.txt, just rename it
to HOSTS.
Let me know what you think, and what else you need to
know...
sublime1-ga
|
Request for Question Clarification by
secret901-ga
on
20 Oct 2005 22:58 PDT
Hi thesteggy-ga,
Could you check whether your gateway has the enhanced "access control"
feature by going to the url http://home/ and checking if that icon is
present?
You can view it here: http://www.2wire.com/pages/pdfs/74.pdf
Thanks,
secret901-ga
|
Clarification of Question by
thesteggy-ga
on
21 Oct 2005 09:51 PDT
Hello -
WRT the clarification requested: Hi thesteggy-ga,
Could you check whether your gateway has the enhanced "access control"
feature by going to the url http://home/ and checking if that icon is
present?
I will check when I get home this evening.
thank you.
thesteggy
|
Clarification of Question by
thesteggy-ga
on
21 Oct 2005 09:53 PDT
Hello -
WRT to the clarification requested re: MODIFYING HOST FILES, I was
hoping to be able to do the blocking at the gateway rather than having
to modify files on the individual computers. i.e. I was hoping this
would be something easily done in SW that could be toggled on and off.
It would be an added bonus if my wife, who is non-technical, would
easily do it.
thank you
|
Request for Question Clarification by
sublime1-ga
on
21 Oct 2005 11:27 PDT
thesteggy...
You said:
"I was hoping this would be something easily done in SW that
could be toggled on and off. It would be an added bonus if
my wife, who is non-technical, would easily do it."
This is precisely the reason I outlined the HOSTS file
modification process. I don't know if your explored the
page I referred you to, but once the file(s) are modified,
the batch file I mentioned, which is available for download
on that site, will toggle the HOSTS file "on and off" by
renaming it with the click of the mouse. It doesn't get
much simpler than that.
sublime1-ga
|
Clarification of Question by
thesteggy-ga
on
21 Oct 2005 13:55 PDT
to sublime1 -
just got your note, thank you. I will check out the host file this
evening. That sounds like it is what will take care of my issue.
this might be a dumb question, but when you say click of a mouse I
assume you are talking about on the computer iteself? I will likely
post a reponse tomorrow morning.
thanks
|
Request for Question Clarification by
sublime1-ga
on
21 Oct 2005 15:18 PDT
"...when you say click of a mouse I assume you are talking
about on the computer itself?"
Yes. Once you've edited the HOST file(s) to suit your needs,
and downloaded the batch file provided on the site, you can
place the batch file wherever you like (I put it in the same
directory as the HOSTS file) and right-click it to create a
shortcut. You can then place that shortcut anywhere that's
convenient, and rename it if you like, so curious minds won't
recognize its purpose. Then your wife can simply click on the
shortcut and the batch file will run, renaming the HOSTS file
to NOHOSTS, and eliminating its blocking effects. Clicking
again on the shortcut will rename the NOHOSTS file to HOSTS,
once again activating the blocks. She'll need to close the
confirmation dialog that pops up to let you know the status:
"Protection ON" or "Protection OFF" - piece of cake.
sublime1-ga
|
Clarification of Question by
thesteggy-ga
on
25 Oct 2005 22:54 PDT
hello sublime - I wanted to let you know that I have been trying the
recommendations you made below. I still haven't been able to get
things to work. I added the modifications to the host file, AIM still
got through. I downloaded a batch file off the website but didn't get
the results as noted. I need to go to bed, will try again probably on
Thursday evening.
thanks - thesteggy
|
Request for Question Clarification by
sublime1-ga
on
26 Oct 2005 00:04 PDT
thesteggy...
It seems that the downloaded AIM client uses a different protocol
than the web-based program and the addresses I gave you. Try adding
these line to the HOSTS file:
127.0.0.1 aim://
127.0.0.1 aim:goim
...and see if that works. Note that the AIM program should still
load, it's just that messages should not get through.
Let me know...
sublime1-ga
|
Clarification of Question by
thesteggy-ga
on
31 Oct 2005 12:45 PST
Hello - now I am in really deep. I tried replacing the hosts file
with one of the files on the website listed above, and the computer
goes into an infinite reboot cycle. it starts up, loads, then
restarts again. I am trying to get some IT support to get it fixed,
but for right now it is unusable. I am afraid to try anything else
until this gets resolved.
|
Request for Question Clarification by
sublime1-ga
on
31 Oct 2005 13:51 PST
thesteggy...
An infinite boot cycle should not occur as a result of using
a different or modified HOSTS file. The HOSTS file only impacts
the networking function of Windows, and should have no effect
on bootup.
I've known infinite boot cycles to occur as a result of a
corrupted swapfile. Have you tried pressing F8 during the
first part of bootup, while the screen is still black, before
the system actually boots into Windows? This should present
you with a screen where you can boot up into Safe Mode (though,
in my experience of infinite reboots, doing so didn't actually
resolve the problem), or Restore the system to the last known
good configuration.
You should also know that, even with the downloaded HOSTS
file, you will still need to add the modifications I suggested
in order to block AOL Messenger specifically (the addition
suggested by my colleague secret901-ga is also a good one).
HOSTS files from the net are not designed to block normal
programs such as AOL, but are designed to block advertising
and malicious sites.
Let me know...
sublime1-ga
|
