Disable IE or Internet Access between time periods

How about you just set your router/firewall to not pass HTML traffic (outbound port 80 basically) during working ours.

Alternatively use the Wizards First Law.

Nice humor there... =P



Is there any way to do that remotely? The users will be away at a "summer camp" where I have computers setup for them to do work and then give them some time during the evening to email and for casual use of the net. I can't exactly type in 192.168.0.1 and pull up the firewall settings since it is at a distant location. Also, they will be connecting to the university domain, and I doubt that I have privileges to access the main router/firewall settings, much less over-ride the campus SysAdmin.

I did think of resricting the access based on the router settings though, just unsure of how to do it remotely.

Thanks for the inital reply!
Any more help gladly accepted.

~ Knowledge is a weapon; I intend to be formidably armed. ~
Any more help would be

OK well now hmmm.

If you can get local access to the router for a short while then you make be able to set it so that it is accessible from the external network side. I know I can with my router.

This has 2 main problems

1. You need to know the IP address of the router on the external network which means it needs a static IP address.

2. If the external network is a public network (the Internet say) then you do rather reduce your security and leave yourself open to attempts to penetrate the internal network.

Will there be no-one on site who will be able to act as admin for this?



Another possibility is to set up a proxy server on the network, obviously this would need to be secure against your students but you could configure the router to only accept port 80 connections from the proxy and then configure the proxy with times when it was and wasn't active (I think we are a little outside my field here), in fact a quick search in the Squid (which is a proxy server/cache available for free under the GPL although it does run on Linux a believe) documentation suggests that it can do this and more.

It may well be worth you finding a local guru and buying them a few beers.

I'll look into the above advice. Thanks for your timely replies.

whats the wizards rule law? :D

People will believe something that they want to believe.

ah i get ya! gracias admin :D

Hi there,

try tightVNC or RealVNC..you can also try PCanywhere if you want to do it remotely.

Hope this helps...

L][nk

There is a way to only allow access in active directory, but I think that relates to logins. I would suggest that you go force people to go through a proxy and if all else fails you can script the proxy service to stop/start at the desired times. Be sure to have each PC not use the proxy for local addresses so they can still access any local web based server applications. Also be sure to firewall port 80 for everything except your PC and the proxy so they have to go through the proxy to do it. This should restrict there internet access quite effectively.

Joe Jensen
Webmaster