[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] How do I shut down access to a site
This will work also, but with my suggestion the firewall never has to spend any cycles examining the packet. It is dropped or routed away from the firewall. I really try to limit the number of rules and packets my firewall examines. Remember, Keep It Simple. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Thursday, December 07, 2000 9:50 AM To: Jim Brown Cc: [email protected]; [email protected]; [email protected] Subject: RE: [FW1] How do I shut down access to a site Or add a domain object in your firewall - I haven't used this too much so I don't know how well it works but - hey ! - CP have given the facility so it MUST work - right ? ;-) Tim Higgins Jim Brown <[email protected]> Sent by: [email protected] 07/12/00 15:54 To: "'Gino Guidi (SD)'" <[email protected]>, [email protected] cc: Subject: RE: [FW1] How do I shut down access to a site If possible add an entry in your internal DNS for the desired site in question. You could have the IP point to an internal website that will display your Internet AUP or just point to a null interface on a router somewhere inside your network. The firewall never has to see it. -----Original Message----- From: Gino Guidi (SD) [mailto:[email protected]] Sent: Thursday, December 07, 2000 7:50 AM To: [email protected] Subject: RE: [FW1] How do I shut down access to a site Is there any other way to make this work for a site that has multiple IP's for any given name. For Example we are trying to block a site that has so far four IP's for its www address. Trying to block by domain brought our Internet Access to it's knees because of the amount of lookups the FireWall had to wait for. Any ideas? Gino Pietro Guidi Network Engineer CoStar Group, Inc. [email protected] -----Original Message----- From: Steven Schuster [mailto:[email protected]] Sent: Wednesday, December 06, 2000 1:51 PM To: '[email protected]'; [email protected] Subject: RE: [FW1] How do I shut down access to a site do an nslookup to get the IP address, put a rule that states your-net --> cutefx-net --> any --> drop and viola! if it is a site of questionable material, then a company-wide e-mail with a gentle reminder of the acceptable use policy.... Steve Schuster, CCSE, CCNA Midwest ISO Security Analyst -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Wednesday, December 06, 2000 4:36 PM To: [email protected] Subject: [FW1] How do I shut down access to a site This has been asked before - and I filed it safe somewhere - but I need to block access to cutefx.com in a hurry. Answers please. Paul ---------------------------------------------------------------------------- ---------------- C. Paul Simons Corporate Network Services IHS Energy Group, Englewood, CO. Main:Direct:Fax:Mobile:============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== #********************************************************************** This message is intended solely for the use of the individual or organisation to whom it is addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you should not use, copy, alter, or disclose the contents of this message. All information or opinions expressed in this message and/or any attachments are those of the author and are not necessarily those of Hughes Network Systems Limited, including its European subsidiaries and affiliates. Hughes Network Systems Limited, including its European subsidiaries and affiliates accepts no responsibility for loss or damage arising from its use, including damage from virus. #********************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|