Tech Support Forum banner

2003 Server - Block I'net, Allow E-mail

1741 Views 7 Replies 5 Participants Last post by  Chevy
I hope this is the right area in which to post this issue.

We have a small network in my office - approximately 13 computers, 1 server, and 5 printers. The server is 2003 Server Appliance Edition. Our workstations are all XP, but they are mixed Home and Pro. We have 1 DSL router (stuck in the dark ages, I know. The cable company wants $10,000 to install a box near us.)

I have been helping the boss to try to solve some of the issues in the office, namely the employees surfing the web on company time, chatting, playing i'net games, visiting and chatting on porn sites, downloading music, etc. It became a huge issue, and the boss wants to completely take away the i'net connections for all workstations, but allow them to use Outlook for business e-mail. We also wanted to take away their access to the automatically installed games (solitaire, pinball, etc.) but I actually remembered how to remove them by going to Add/Remove Programs and Add/Remove Windows Components. That part of the problem has been solved. However, we are at a loss as to how to fix the internet issue.

We used the filter on the DSL router to block a group of IP addresses from accessing the i'net. Unfortunately the filter blocks everything, including Outlook's send/receive function.

The boss set up a computer near in a separate area that's connected to the printers. It was meant to be an internet access computer, specifically reserved for research. Each of the 4 users has a separate user account on the computer, however, they don't seem to be connected to the network. This is a problem because now the employees can't access their shares on the network to retrieve their documents, attach files to e-mails, etc.

I hope that this is a simple issue for some people on this board, :wink: since the boss and I are embarrassingly clueless. :4-dontkno

I would appreciate any assistance you may offer.

Thanks in advance,

See less See more
Not open for further replies.
1 - 8 of 8 Posts
Well I can't tell Exactly

But when We are setting up the server (win2003) We get the Problem that all Appliction are Blocked but only outlook can send & recive emails

There is an option in mcafee Antivirus enterprise 8.0 it only allow outlook to communicate All other apps are blocked .(this use port blocking i think)

As I think Above Solution is work greate for u

You can Also use Mcafee Firewall To allow only selected app (this allow selected appliction can use any port ) and better then above solution because you can also see stathics which apps are bloceked with timing & ports etc.
Same Issue

Anyone else?


I can't even understand what she's saying!

And we don't use McAfee. The boss hates it.
Do you use IE for your web browser? If so, go into Tools ->Internet Options ->Connections and click on LAN settings. Check the box "use a proxiy server..." and enter, click OK out of the Options. Then lock the Connections tab down via regedit.

I know this sounds stupid but have you tried programs like netnanny or cybersitter. In our company, we have netnanny installed on a couple of laptops because the users were going to websites they weren't allowed to or shouldn't be. And they are a little computer savy to where they will figure out a way to get around the security measures. We haven't had a problem since. The program will let you block all URLs, you can add a list of URLs they are only allowed to go to or you can create a black list of URLs that they are not allow to go to. Plus it blocks IM and file sharing and you can set times when they can surf the internet.
Thanks, Crazijoe

crazijoe said:
...In our company, we have netnanny installed on a couple of laptops because the users were going to websites they weren't allowed to or shouldn't be...
No, the suggestion doesn't sound stupid at all. In fact, it might be a great suggestion... if I can get the company to cough up the money for something like NetNanny.

Do you know if you can install it on a server to block out certain nodes/workstations, or do you have to install it on each computer? We began taking everyone out of the DHCP pool and assigning static IPs to block them out using the filters on the DSL router.

Can you run it invisibly, so they cannot see it in their taskbar or do CTRL+ALT+Delete to end it?

I don't know how computer-savvy the guys in this office are, so I don't know if they can get around it. I know some kids who've said they can get around it, so I'm hoping it works on thirtysomethings! LOL



(I can do the research, but I think it's best to ask someone who has experience with the product, instead of just reading pages upon pages of information on the website that may not necessarily answer my questions. I hope you don't mind.)
See less See more
You would have to install it on each workstation. It does show as a little icon in the taskbar and I talked to them about it and they said it could be removed. I'm sure it can be removed. I just didn't want to spend the time trying to remove it.
I don't know how kids can get around it. You need a user name and password to administer it so it depends on how complex the password is. Most the time kids usually have a lot more time and patience to get around it than employees do and parents usually don't use complex passwords so I probably wouldn't worry about it.
The license is a yearly fee so I don't know if your company wants to shell out the money every year.
You might also check into WebWasher. It's a internet URL filter for companies. It's a little pricey but probably the best and cheapest for a company wide solution. I have seen internet content filtering setups up to $4K and Webwasher was the cheapest I have seen.
Get your hands on an older machine (PII or PIII, 128mb ram, 10gb HDD or smaller) build a Smoothwall Firewall/Router. You'll need two nics, but you can block by IP and port ranges (leave TCP 25 and TCP 110 open for email, lock down the rest).
1 - 8 of 8 Posts
Not open for further replies.