|
How can I
block a Windows 2000/XP/2003 computer
from surfing on the Internet?
Windows
2000/XP/2003 machines have a built-in IP
security mechanism called IPSec (IP
Security). IPSec is a protocol that’s
designed to protect individual TCP/IP
packets traveling across your network by
using public key encryption. In a nut
shell, the source PC encapsulates the
normal IP packet inside of an encrypted
IPSec packet. This packet then remains
encrypted until it arrives at the
destination PC.
This is
not the place for a more detailed intro
to the IPSec features, but know that
besides encryption, IPSec will also let
you protect and configure your
server/workstation with a firewall-like
mechanism.
How can
you block specific users from surfing
the Internet with IPSec? Simply by
creating a policy element that will tell
the computer to block all the specific
IP traffic that is configured by those
rules. Internet traffic uses HTTP and
HTTPS, which use TCP ports 80 and 443
respectively as their destination ports.
By blocking this specific traffic you
will be able to stop a specific computer
from browsing the Internet. |
