IPTABLES and Hi-Risk blocking


We are considering whether or not to block internal access to social
networking and private entertainment web sites.  This is not a policy
decision as of yet, just an exploratory exercise.

Our gateways run CentOS-5.4 and use iptables to enforce firewall
rules.  The information that we wish to determine is whether or not
it is feasible to block sites such as facebook, youtube, twitter,
etc. using iptables.  Is there a superior method?  Does there exist
already a generally accepted utility or method for accomplishing
this?

At the present time we only block outgoing traffic for a handful of
internal hosts that should never have any reason to generate traffic
destined outside the LAN.  But, now we are advised by some
authorities that facebook and similar sites are considered security
risks to hosts that are used to access them.

Without debating the merits of such claims, how would one proceed to
block internal network access to specific domain names using CentOS?

Sincerely,

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
