- Joined
- Jan 10, 2012
I need to build a win 7 machine for reprograming the ecms on cars, can I mod the hosts file to prevent access to all of the interwebs except about 5 sites?
if so, how would I do it?
if so, how would I do it?
-
Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!
blocking most of the interwebs
- Thread starter caddi daddi
- Start date
- Joined
- Dec 30, 2004
You could just turn on Windows firewall and deny 0.0.0.0/0 and allow your 5 specific sites. You might be able to modify the hosts file in a similar fashion (0.0.0.0/0 routing to localhost, and then your specific IPs routing to their respective IPs), but I'm not sure if that would work or not.
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #3
would denying 0.0.0.0/0 in windows firewall also keep anything from coming inbound?
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #4
Well....... this is a stupid way of doing this.
reading about some, it looks like I would have to add each page of each site and that could be thousand of pages and making a rule or adding a page to a list would be over the top.
so it looks like a pf sence box is what I need to look at or just keep on doing it the way I am with xp pro till I just have to make the leap to the modern world.............
reading about some, it looks like I would have to add each page of each site and that could be thousand of pages and making a rule or adding a page to a list would be over the top.
so it looks like a pf sence box is what I need to look at or just keep on doing it the way I am with xp pro till I just have to make the leap to the modern world.............
- Joined
- Dec 30, 2004
You can accomplish it with Windows firewall. Just add a deny outbound rule for 0.0.0.0/0, and add allow outbound rules for the IP addresses of the sites you want to hit. Inbound traffic won't be impacted unless you explicitly deny that as well. Should be as easy as that. Make sure you limit it to http/https (80,443), otherwise you could impact other services (windows update, third party applications, etc), unless that's your end goal.
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #6
my end goal is 100% access to these sites, both inbound and outbound and 0% access to or from anything else, these pcms start at around 4 large each and bork one and my pocket book will be burning!!!!
- Joined
- Dec 30, 2004
What are the specific sites you need to access? Is the content dynamic? If it's static (like programming instructions or service manuals or something), then you could potentially save the sites offline and just disable the internet alltogether.
Otherwise, make your firewall rule deny both inbound and outbound on 0.0.0.0/0, and allow the ip addresses of the sites for both inbound and outbound.
Otherwise, make your firewall rule deny both inbound and outbound on 0.0.0.0/0, and allow the ip addresses of the sites for both inbound and outbound.
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #8
most of the pages are static, just info in black and white.
here is how the programing goes, I download a program, that program downloads the calibration to my computer, and prepares and sends it through a programing device to the ecm.
here is how the programing goes, I download a program, that program downloads the calibration to my computer, and prepares and sends it through a programing device to the ecm.
- Joined
- May 29, 2005
Could always just block admin privs so that users can't install anything and setup browser whitelist only to certain website/domains via group policy
Something like what is mentioned here:
http://smallbusiness.chron.com/create-internet-access-whitelist-56190.html
after doing some searching another person had this idea:
Something like what is mentioned here:
http://smallbusiness.chron.com/create-internet-access-whitelist-56190.html
after doing some searching another person had this idea:
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #10
I think I found sort of the same thing here>>>>> http://boutell.com/newfaq/browser/restrictie.html <<<<<<<
- - - Updated - - -
my question is, would I have to whitelist every page of each site?
- - - Updated - - -
my question is, would I have to whitelist every page of each site?
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #11
just looking at the gm service information site, the pages are static but the site itself is very dynamic.
new info posted every day, all the info on every model for every year, that's pretty dynamic in my book.
new info posted every day, all the info on every model for every year, that's pretty dynamic in my book.
- Joined
- May 29, 2005
You just use a * as a wild card. So http://*.gm.com and http://www.gm.com/* for example would cover subdomains and affixes after the domain (I can't remember if the second one would be necessary)
My recommendation -- test the entire configuration on yourself and see if you can get around it or run into an issue before putting it into production.
My recommendation -- test the entire configuration on yourself and see if you can get around it or run into an issue before putting it into production.
OP
- Joined
- Jan 10, 2012
- Thread Starter
- #13
so would i use the logon portal, https://www.autopartners.net/gments.../www.autopartners.net:443/apps/sporef/si.html
or the first page, the first page is what i have bookmarked but it redirects me to the logon page first? or just mess about and find out?
or the first page, the first page is what i have bookmarked but it redirects me to the logon page first? or just mess about and find out?
- Joined
- May 29, 2005
I would just mess around and find out. You can probably use your browser history to get a general idea of the domains that you will need to whitelist. (clear your history/etc then go to all or one at a time the sites that they would need and make notes)
- Joined
- Oct 29, 2005
- Location
- Oregon
Use a windows firewall frontend gui such as tinywall, block all, and then allow ONLY the url's you need.
