White list internet browsing

Discussions around the setup, operation, replacement, and disposal of clerk computers, not to include using MLS
User avatar
loughe-p40
New Member
Posts: 1
Joined: Thu Feb 14, 2008 9:08 am

White list internet browsing

Postby loughe-p40 » Thu Feb 14, 2008 11:11 am

Does anyone know how to establish a "white list" for browsing the internet from a ward clerk's internet-enabled computer?

Our Stake President does not want to give internet access to wards until their browsers are white listed. We tried to do this within IE, but on Destop 5.5 the option for doing this has been disabled. We do not know why it is disabled, but it is. It is not enough that the church is filtering content, our Stake President has decided that all ward computers must be locally white listed before they can receive internet access.

If you know how to create and utilize a local white list for internet browsing under Desktop 5.5, our stake will benefit from the advice you share.

Thank you!
----------------
loughe@gmail.com

rmrichesjr
Community Moderators
Posts: 1037
Joined: Thu Jan 25, 2007 11:32 am
Location: Dundee, Oregon

Postby rmrichesjr » Fri Feb 15, 2008 10:03 am

One solution that would be very feasible technologically would be to use a small low-cost machine with two NICs (or software proxy controls on the user computers) to run an HTTP proxy with a white-list policy. Several years ago, a friend of mine said he was looking into doing that for his home computers. If I understood him correctly, there are sites explaining how to do it using Linux and squid as the proxy. Using a lean Linux installation, even an older second-hand machine or an embedded appliance-type machine should suffice.

User avatar
Mikerowaved
Community Moderators
Posts: 3131
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Fri Feb 15, 2008 5:57 pm

Another possibility is looking into your router's menu. Depending on the brand of the router, you can sometimes force a whitelist to be used for all or selected machines.
So we can better help you, please edit your Profile to include your general location.

russellhltn
Community Administrator
Posts: 20728
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Fri Feb 15, 2008 6:54 pm

Mikerowaved wrote:Another possibility is looking into your router's menu. Depending on the brand of the router, you can sometimes force a whitelist to be used for all or selected machines.


Except the router is under Church Admin control. It may be worth a talk to Global Connect to see if they can do something. Otherwise I think you're looking at buying a router to stick between the admin computers and the rest of the network.

jhvdh84
New Member
Posts: 8
Joined: Wed Jan 24, 2007 10:51 pm

Postby jhvdh84 » Wed Feb 20, 2008 12:33 pm

You might also try www.OpenDNS.com. I've only recently found it, so I'm just figuring it out, but it looks like it can do whitelisting, is free, and would work for your situation without having to buy hardware.

russellhltn
Community Administrator
Posts: 20728
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Wed Feb 20, 2008 12:45 pm

jhvdh wrote:You might also try www.OpenDNS.com. I've only recently found it, so I'm just figuring it out, but it looks like it can do whitelisting,


From a quick look, it appears it's whitelisting is to get around it's own blacklist. I think what's wanted here is to ONLY allow whitelisted sites and block all others.

techgy
Community Moderators
Posts: 3174
Joined: Sun Jan 13, 2008 6:48 pm
Location: California

White Listing

Postby techgy » Sun Feb 24, 2008 9:59 am

I believe your best solution would be the software proxy.
We use it on our family history centers in our stake.
One machine is the "server" on a peer-to-peer network and it runs the proxy software.
All the other machines have their browsers configured to access the proxy. We can block/enable access to any web site. We use it to block unwanted sites and to prohibit the use of Email by blocking any web site with the word "*email*" in it. It's very effective.

techgy

russellhltn
Community Administrator
Posts: 20728
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Sun Feb 24, 2008 12:49 pm

Techgy wrote:One machine is the "server" on a peer-to-peer network and it runs the proxy software. All the other machines have their browsers configured to access the proxy.


What do you do about the FamilySearch portal that requires you to point your proxy to a church server?

pete_arnett-p40
Member
Posts: 152
Joined: Fri Jan 19, 2007 10:54 am
Location: Sunny South Florida, USA

White Listing and Cisco Pix

Postby pete_arnett-p40 » Sun Feb 24, 2008 6:08 pm

All internet connects inside a church building must have a Cisco Pix installed and all equipment must be connected behind the Cisco Pix

The Cisco Pix has a firewall, network settings that use headquarters proxy servers and filtering software

Suggest that you contact headquarters about how to obtain the equipment

"
The Cisco PIX 501 is a compact, ready-to-use security appliance that delivers enterprise-class security for small offices and enterprise teleworker environments."

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/ps2031/index.html
:cool: Your Fellow Servant,
Porter (Pete) Lee Arnett Jr.
USA

russellhltn
Community Administrator
Posts: 20728
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Sun Feb 24, 2008 11:14 pm

In addition to what Pete said, the FHC computers need proxy settings for the FHC FamilySearch portal to work.

For details, go to http://www.fhc.familysearch.org/ and expand the help section.


Return to “Clerk Computers”

Who is online

Users browsing this forum: No registered users and 1 guest