TheScarfedOne (8th January 2012)
I've been working on this project for approximately 2 months now; NetBlocker. It's basically a network/classroom management tool which allows administrators/staff to block internet access to groups of computers (such as rooms) and to individual accounts, it also makes use of Active Directory to easily allow you to import the computer groups based on your already existing OUs. You also have the option to modify groups, create your own groups, create exempt lists etc. When blocking users/groups, you can either permanently block them, or set a time at which they'll automatically be unblocked. The software will be free of charge, and is aimed as schools/organisations who can't afford to buy the well-known network/classroom management tools, it's not aimed at replacing what already exists. I've also tried to make sure that it's as easy as possible to setup, deploy and remove from computers.
This is only a brief post describing the software, I will provide more information nearer to the release (hopefully within a month).
Screenshot of the administration tool (there's also a separate tool which can be deployed to staff, which is a basic version of the administration tool):
If you have any suggestions/queries post them here, or send me a pm
TheScarfedOne (8th January 2012)
Sounds VERY interesting!
How's it blocking the internet access?
To put it simply, there'll be a 'client' service running on the computer in question, that will find what group the computer is in, and will then check the status of that group at a set interval. If the group (or user) is flagged as being blocked, the client service will block ports 80 and 443, and will force the user to use a non-existent proxy.
blocking port 80 and 443 wont do much...port 8080, 8081 do the same job as those 2 and if 80 and 443 are blocked, most (if not all since W7) machines default to the next available ports for surfing
You would need to blanket block all ports except TCP and UDP
However the proxy is a different issue, how is it doing this to a live user?
I'm not quite sure what you mean by a live user, I'm guessing you're on about when a user is actually using the computer? Well, when the service detects that the user/group has been flagged as 'blocked', a copy of that user's proxy settings will be stored locally (this is so if the user/group is unblocked during the same session, the settings will be restored without having to have the user log back in and out). The user's proxy settings (stored in the registry), will then be overwritten with a non existent proxy server. The user's browsing session will then be killed.
By a live user I mean if someone is browsing and then it is decided to block access, how will it do it then? By the way you have it, they could leave their browser open and have no issues, so you would need some way of remote killing iexplore.exe or firefox.exe or whatever at the same time the button is clicked for the access to the internet to be blocked.
Sounds like a fantastic idea - but why not do all the processing on the proxy server itself? this way you don't need to worry about; the browser type, operating system, whether you have admin rights on the device or even writing a client side application at all.
I guess the api would just be an ssh access
P.S I haven't forgotten about this I've just got other commitments at the moment (Battlefield 3 *cough*).
There are currently 1 users browsing this thread. (0 members and 1 guests)