Is it possible to block certain websites e.g. YouTube on all computers without having to configure something on each and every computer. I have access to WiFi router and the DSL router. Is there any setting on either hardware that allows me to do so?
P.S. I've checked the control panel of both devices but wasn't able to find out anything that might allow me to do that, or may be I was looking at wrong places.
You can possibly use OpenDNS for this - it allows you to block both categories of website and specific urls. http://www.opendns.com
You would need to do set DHCP on the router to hand out their DNS server addresses to clients, which should discourage "casual" attempts to surf sites you want to block.
If you want something more "hardcore" in terms of enforcement then you'd need to lock down clients so that users couldn't manually edit their own DNS settings. Or possibly block DNS traffic going through the router if its firewall is half decent, except to the OpenDNS servers.
This won't be foolproof, but it sounds like you're using home or SoHo equipment and that doesn't really do "foolproof" at the best of times.
1. Edit the hosts file
You can achieve very basic control by modifying the Hosts file which is part of the Windows operating system. You can edit the hosts file in a text editor such as notepad, and add websites that you want blocked to the file. Open C:\Windows\System32\drivers\etc\hosts (Note: the "hosts" file has no file extension and will not automatically open in a text editor). Go to the end of the file and start a new line. Enter 127.0.0.1, a space, and then a domain name that you want to block (e.g. "facebook.com"). Create another line but this time add www. to the beginning of the domain. The new lines that you created in the hosts file should look like this: 127.0.0.1 facebook.com 127.0.0.1 www.facebook.com Repeat the steps for any other domains that you want to block and save your hosts file. When your computer tries to find a website that is listed in the hosts file, it will try to get the website from 127.0.0.1 (your own computer) instead of the actual server IP where the website is hosted. This results in a "Server not found" error message when browsing to the blocked domain. The hosts file acts as a filter on each client computer, so these steps must be performed on every computer that you want to control. This is OK in small networks, but will become more difficult to manage with more computers. Notes: Pros: Very easy to set up No additional software required
Cons: It is very hard to maintain a long list of blocked websites. You have to set up and maintain this list of sites on each computer you want to control. Tech savvy users could circumvent these blocks and access the websites without too much difficulty.
2. Install a hardware router While most low end routers don't offer very much control over what comes in and what goes out of the network, some more advanced hardware routers give you the ability to manage your networks internet access and set blocked sites centrally in the router. Sonic Firewall and Watchguard Firebox are two suppliers who offer such hardware routers for small businesses and home users. Notes: Pros: Users cannot bypass the router You don't need to have another computer up and running all the time One single point to manage your list of blocked sites that effects all computers
Cons: More expensive than software solutions Initial setup may require some reconfiguration of your network You might have to upgrade the hardware in the future if the amount of workstations on your network grows
3. Set up a proxy server If you want even more power to monitor and control internet access, then you should consider using a solution designed specifically for the task. Programs such as WinGate Proxy Server (Windows 2000, XP, Vista, 7) or WinProxy(Windows 95, 98, NT, 2000, XP) are two such solutions. Proxy server software is usually installed on a dedicated computer in your home or office network, and the other computers on the network are configured to connect to the Internet through the proxy server. The proxy then handles all internet traffic for the network and is able to log, monitor and filter internet access. For small networks a lower spec computer will be up to the task of hosting a proxy service, but you could also use an existing workstation or server, for example an active directory server, print server or file server. The typical setup for a proxy server is to have two network interfaces, one facing the local network and one facing the internet router. This makes the server the only gateway to the internet for the client computers which prevents tech savvy users from bypassing the proxy. Notes: Pros: Easy to maintain. Gives you lots of additional features, such as bandwidth limiting, website caching, real-time monitoring and logging of visited websites. You can purchase additional licenses if your network grows and you want to connect more users to your network.
Cons: You have to install additional software on your computer. Your proxy server must be up and running for the network to have internet access.
4. Use monitoring and filtering software You can simply use monitoring and filtering software to block the website you don’t want, such as Websense or WFilter.
Pros: All you need is one computer to monitor your network. Cheaper than hardware solutions.
Cons: Need port mirroring router or switch.