chow choppe Posted January 29, 2008 Share Posted January 29, 2008 HI ALL i am trying to solve a problem in my office which is now major concern for us. We have internet on all PCs thru a main server computer thru lan internet sharing. now the internet is being used all day for chating and emails and which has deteriorated the work output. If we remove the dns server address from each PC in the TCP/Ip address then internet is not accessible but the local lan still works. but the employees now have come to know how to fix that and we see internet working again. is there any otherway to restrict internet to specific computers. we would still want that local Lan and folder sharing works for each one of them Thanks Link to comment Share on other sites More sharing options...
Matt Sugden Posted January 29, 2008 Share Posted January 29, 2008 Hi, to me this doesn't sound like a technical issue at all, it sounds like a personnel issue. I would talk to your staff and make it very clear that unfair usage of the internet is not acceptable, then if they continue to use it you should be taking disciplinary action with those responsible. you could very easily monitor peoples activities with some free VNC software so you can see who are the culprits are. Also I have worked in places where the it has monitored how much data has been downloaded on a person by person basis. If you let your staff know that their internet access is being closely monitored, then watching them will seem a little less underhand, than if they find out by accident for instance, and I think if it persists you need to get rid of the people who are abusing the system, the problem will soon go away, and other members of staff will get the message if they see you taking decisive action. You'll get better productivity and hopefully you won't need to continue monitoring. This may seem a bit much, but it sounds like you staff are giving you the run around, and you need to sort the problem. Thats' what I'd do anyway. Link to comment Share on other sites More sharing options...
chow choppe Posted January 29, 2008 Author Share Posted January 29, 2008 talking wont help for some reasons that we know any other suggestions Link to comment Share on other sites More sharing options...
Ricardo Eloy Posted January 29, 2008 Share Posted January 29, 2008 There's a software called Folder Guard kthat allows you to control what each machine can do or not, internet browsing and folder sharing included. Link to comment Share on other sites More sharing options...
Horhe Posted January 29, 2008 Share Posted January 29, 2008 There's a software called Folder Guard kthat allows you to control what each machine can do or not, internet browsing and folder sharing included. Yep I tried it once... from what I remember the software was easily manipulated from the windows system tab - easy to change and sidestep it. It was quite a long time ago... maybe theyve updated it so it works better now... Link to comment Share on other sites More sharing options...
Horhe Posted January 29, 2008 Share Posted January 29, 2008 You can visit www.tucows.com and browse through their programs... they have got loads of different apps... from internet access blocking and password protectors to all sorts of little applications that can be handy. Cheers Link to comment Share on other sites More sharing options...
Matt Clementson Posted January 29, 2008 Share Posted January 29, 2008 If you have a full server setup using Windows Active Directory (as opposed to a peer-to-peer workgroup type network) then you can use Group Policies to restrict software usage (i.e. prevent Internet Explorer or Firefox from running) on a user by user basis (not just machines) - this will prevent them from logging onto another workstation to use the internet. Link to comment Share on other sites More sharing options...
Jeff Mottle Posted January 29, 2008 Share Posted January 29, 2008 If you have a firewall, you can explicetly block outbound port 80 for all of some of your IPs. My Cisco PIX allows me to do this. Link to comment Share on other sites More sharing options...
gfa2 Posted January 29, 2008 Share Posted January 29, 2008 talking wont help for some reasons that we know any other suggestions That's pretty sad....sounds like the employees are running the place. You might want to establish a written policy, let everyone know the rules, then follow through with letting someone go if they break the rules. Sounds a lot like parenting, empty threats do nothing toward raising a respectful child. You have to follow through with the punishment...I could go way off topic here about lazy parents and rotten out-of-control kids these days. Link to comment Share on other sites More sharing options...
ronll Posted January 29, 2008 Share Posted January 29, 2008 Probably not a practical solution for you, but what I have done for security reasons is totally separate my internet computer from my lan. I'm a one-man office, but I have a five computer, hard-wired LAN for my work. (I have separate machines for rendering, modeling, printing, backup, etc.) But only one computer is connected to the internet and it is on a mechanical switch that can switch it to the lan for file transfer, but switches it off the internet to do so. The switch will not allow it to be on the lan and internet at the same time. Also, my internet machine does not write to the backup machine but all files on it are disposable. Important files are moved to the lan and then backed up overnight. Its a hassle because any file transfers with clients have to be transfered an additional time to get them to/from my lan. But the peace of mind is worth it. Link to comment Share on other sites More sharing options...
Matt Sugden Posted January 29, 2008 Share Posted January 29, 2008 Originally Posted by 3dsmaxed View Post talking wont help for some reasons that we know any other suggestions I think I should perhaps alter my previous post, and say the issue is not just with your personnel, but perhaps also with you or whoever is in charge. If you can not control your team, or they won't listen to you, then you are not getting the respect from them that you deserve in a position of leadership, and they will continue to take advantage of you. When I have managed people in the past; if I specifically asked them not to do something, yet they continued to do it, especially doing devious things like re-routing device drivers which had been disabled, I would have a very serious conversation about their future at the company (or lack of it). It sounds like your team needs you to excerpt some discipline. Or how long are you going to stay one step ahead of them, and how much money and time are going to waste putting in new security measures. You need a team you can trust, not a bunch of free loaders. Link to comment Share on other sites More sharing options...
ronll Posted January 29, 2008 Share Posted January 29, 2008 I also agree that this may be a personnel problem more than I technical one. The reason WHY I have all the computers I described in my last message for a one-man office is because I used to have eight employees. Altho there was plenty of work to support the office, I found I was not a good people manager and that I would MUCH rather be doing the work than fighting with people about how and when to do it. I am MUCH happier now. You may want to consider this solution as well . Link to comment Share on other sites More sharing options...
bmcgonigle Posted January 29, 2008 Share Posted January 29, 2008 If you have a firewall, you can explicetly block outbound port 80 for all of some of your IPs. This would be the best, easiest and quickest solution. By using your firewall to control access you can also possibly pick and choose what sites your users are allowed to access at what time etc. For example, no internet access other than between from noon to 1 (or whatever your lunch hours are) or you can set certian sites thay can access for business reasons ie corporate website, etc. Locking down your internet at the firewall level means only a select few have direct access to the lock and keys versus individual client pc installations to deal with. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now