Blog Home  Home Feed your aggregator (RSS 2.0)  
IMFirewall Blog
Block Internet Access,Block P2P,Web Filtering
 
Archive
<May 2012>
SunMonTueWedThuFriSat
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789
April, 2012 (3)
March, 2012 (1)
February, 2012 (3)
November, 2011 (1)
October, 2011 (1)
September, 2011 (1)
June, 2011 (1)
April, 2011 (2)
March, 2011 (1)
January, 2011 (1)
December, 2010 (5)
November, 2010 (2)
October, 2010 (3)
September, 2010 (4)
August, 2010 (3)
July, 2010 (1)
June, 2010 (1)
May, 2010 (2)
April, 2010 (3)
March, 2010 (1)
January, 2010 (4)
December, 2009 (4)
November, 2009 (5)
October, 2009 (1)
September, 2009 (1)
August, 2009 (4)
July, 2009 (1)
April, 2009 (1)
January, 2009 (1)
December, 2008 (1)
May, 2008 (1)
April, 2008 (2)
January, 2008 (1)
July, 2007 (3)
June, 2007 (6)
May, 2007 (4)
July, 2005 (1)
Navigation
Business Web Filtering
Online Marketing
IMFirewall Forum
P2P Blocker
Business Internet Filtering
Business Internet Monitoring
Business Email Monitoring
Block Internet Access
Monitor Employees
Home
Categories
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Blogroll
 blogcatalog
Contact
Send mail to the author(s) Email Me

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

Sign In
# Monday, April 23, 2012
How to set a redirect denial page in WFilter? by Administrator

Sometimes you might want to redirect blocked websites to a new URL. To do this, you need to edit WFilter denial page in source mode.

This tutorial will guide you to configure a redirect denial page in WFilter.

First, edit a blocking level

Edit a blocking level and new a denial page. Please don't forget to list your new URL in the exception list.

Second, edit the denial page in source mode.

A javascript code is required:

<script>window.location="http://www.yourwebsite.com/...";</script>

Third, uncheck "view source" and click "Save" to save the settings.

Please notice, click "save" after unchecking "view source".

Done, now all blocked web request will be redirected to the new url.


More information, please check "WFilter Enterprise".

Other related links:

How to block UDP ports in RRAS windows server 2003?
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to block HTTPS websites on my network?

Monday, April 23, 2012 6:06:00 AM (GMT Daylight Time, UTC+01:00)    Content Filter | How to block internet  |   |  Trackback
# Tuesday, April 03, 2012
When shall you use two network cards for monitoring and blocking? by Administrator

In "pass-by" filtering mode(WFilter works on a mirroring port), WFilter sends RST packets to block TCP connections. However, if outgoing traffic is limited on the blocking adapter, blocking feature of WFilter might not be working.

The default settings of WFilter use a same adapter for monitoring and blocking. However, it will not work if a following condition is met.

  1. The monitoring switch does not allow outgoing traffic on the mirroring port. You can check this by "ping" other computers in the monitoring computer. This problem can be solved by changing switch settings(if supported) or adding a separated blocking adapter. Cisco switches have a parameter "ingress" to enable outgoing traffic on the mirroring port.
  2. The monitoring adapter is too busy of receiving mirrored packets. We recommend you to use another NIC for blocking when you have 50+ computers. To check this issue, you can run "System Settings"->"Check Settings" to perform a checking on the blocking adapter.

Steps to add a blocking adapter

1. Add a physical network card and connect this NIC to a normal port in your switch. If you have multiple VLANs, the blocking adapter shall be in a VLAN which can reach other VLANs.

2. Assign an available ip address and gateway settings to the new NIC.

3. If WFilter does not detect the new card in "System Settings"->"Monitoring Settings", please click "Start"->"IMFirewall WFilter"->"Tools"->"Restart WFilter Service" to reload the adapters list.

4. Choose the new network card as the "blocking adapter" in "System Settings"->"Monitoring Settings"->"Monitoring Device Settings".

5. Run "System Settings"->"Check Settings" to check.

6. Sometimes windows can not choose the correct network card for communicate, in that case, please check this topic to set "Metric": Blocking adapter doesn't work when using two network cards

Further readings:

How WFilter works to block internet connections in network?

Tuesday, April 03, 2012 4:40:46 AM (GMT Daylight Time, UTC+01:00)     |   |  Trackback
# Monday, April 02, 2012
How to block VNC traffic of network computers with WFilter? by Administrator

VNC® provides secure remote access computers from any location for your home and organization. RFB is the protocol used in VNC and its derivatives.

This tutorial will guide you to block VNC with "WFilter Enterprise 4.0". Because blocking of VNC is not supported by default in WFilter, in this example, we uses "Customize Protocols" feature of WFilter to define the VNC protocol.

First, Add "VNC" Protocol in "Customize Protocols".

In "Customize Protocols", new a protocol named "vnc".


VNC has a pattern:
"vnc_tcp":
Type--"TCP ALL"
Format--"0"
Pattern Content--"^\x52\x46\x42\x20\x30\x30"

Second, Enable blocking of VNC in certain blocking levels.

And apply this blocking policy to certain computers.

Now, VNC will be blocked.

WFilter blocking events:

Failure connection of VNC.

Monday, April 02, 2012 8:01:30 AM (GMT Daylight Time, UTC+01:00)     |   |  Trackback
# Friday, March 02, 2012
WFilter deployment with RouterOS's port streaming feature. by Administrator

Installed on a personal computer or server computer, RouterOS turns the computer into a network router, implementing features such as firewall rules, virtual private network (VPN) server and client, bandwidth shaping and quality of service, wireless access point functions and other commonly used features for routing and interconnecting networks.

To implement internet monitoring and more powerful internet filtering features with your RouterOS, you can enable RouterOS's "port streaming" feature to mirror all internet packets to WFilter for monitoring and filtering.

This tutorial will guide you to configure RouterOS to work together with WFilter.

Enable Packet Streaming

Enable Packet Streaming in "Tools"->"Packet Sniffer", choose the lan interface as the sniffer interface.

Set the WFilter server ip as the streaming server

Set the WFilter server ip address as the streaming server

Done, now you're able to monitor all network computers in WFilter.


More information, please check "WFilter Enterprise".

Other related links:

How to block UDP ports in RRAS windows server 2003?
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to block HTTPS websites on my network?

Friday, March 02, 2012 8:22:40 AM (GMT Standard Time, UTC+00:00)    Deployment  |   |  Trackback
# Thursday, February 16, 2012
Modify ESET personal firewall settings to make WFilter work. by Administrator

All internet packets are required for WFilter to parse network activities. However, the ESET personal firewall blocks non-local computer network packets by default. Therefore, when the ESET personal firewall is enabled, WFilter can not monitor itself computer because other computer's network packets are all blocked by ESET.

To make WFilter work with ESET personal firewall, you need to adjust the firewall settings.

The following example demonstrates how to configure ESET Smart Security 5.0:

1. Click "Setup" -> "Network" in ESET.

2. The filtering mode shall be "interactive filtering mode".

3. Click "Configure rules and zones..." to set the rules.

In "Toggle detailed view of all rules" view, click "new" to creat a new rule.

The new rule is set to allow all TCP&UDP traffic. All other rules shall be disabled.

  1. Direction: Both
  2. Action: Allow
  3. Protocol: TCP & UDP
  4. Profile: For every

4. In "Advanced Personal firewall setup..."

Uncheck "Check TCP connection status" in "Packet inspection" section of "IDS and advanced options".

Now your WFilter shall be able to work.

More information of disable ESET firewall, please check: http://kb.eset.com/esetkb/index?page=content&id=SOLN2113



Thursday, February 16, 2012 9:02:52 AM (GMT Standard Time, UTC+00:00)    Content Filter  |   |  Trackback
# Wednesday, February 15, 2012
WFilter adds solution for monitoring terminal server users. by Administrator

Terminal Services allows IT departments to install applications on a central server. For example, instead of deploying database or accounting software on all desktops, the applications can simply be installed on a server and remote users can log on and use them via the network. This centralization makes upgrading, troubleshooting, and software management much easier.

However, since all terminal clients share the server's network, it becomes difficult to monitor/filter individual users internet usage because most internet monitoring/filtering products only monitor/filter internet activities based on ip addresses or MAC addresses.

From WFilter en.3.3.148 version, with WFilter proxy's "user authentication" feature, you are able to monitor terminal client users and set differnet internet policy for each user.


Please check details of this solution at: How to monitor terminal server users?

Wednesday, February 15, 2012 1:51:08 PM (GMT Standard Time, UTC+00:00)     |   |  Trackback
Copyright © 2012 IMFirewall Software. All rights reserved.
DasBlog 'Portal' theme by Johnny Hughes.
Pick a theme: