The Active Directory on the domain works fine, internal hostnames work fine and external hosts are resolved correctly.īut, now I was thinking about addin NxFilter to the mix. I had set the DHCP Server on router to give the ip of dc as the first DNS server and then dc uses router as a forwarding DNS for things outside my own network. Since I have three children in the house it also allows me to apply basic DNS filtering based "protection" against certain "known things" by running BlockerNG and Snort (although I still need more time to configure this). It allows it (and me) to easily add specific hostnames for an ip, reroute stuff etc. For instance server would have issues asking for a DHCP lease from dc if it hadn't started the VM of dc first. Mostly because it's handy to log into the webadmin of pfSense to fix things instead of using Remote Desktop to login to dc and also since dc is a VM and depending on a reboot of its host server might not be up when I need it to.
The router is acting as the DHCP server, although I have heard that it's prefered to let dc handle it. I then have another physical machine acting as my router running pfsense ( router).
#Where do i install nxfilter on my network Pc#
But if you can manage a PC network then you shouldn’t have much trouble, and what you’ll get for your efforts is one of the most capable and configurable free web filters around.I have a setup consisting of a physical server ( server) running Ubuntu, on that, a Windows 2016 Server running as a VM serves as a Domain Controller ( dc).
#Where do i install nxfilter on my network password#
If the default site blocking isn’t enough, NxFilter supports adding domains manually, or grabbing the blacklist from Shalla List or You get a stack of configuration options, there’s even support for authenticating users via LDAP and Active Directory (as well as password and IP address), all while delivering great performance (the developer claims NxFilter can handle "several thousands of users easily", and we wouldn’t disagree).Īgain, there is some complexity involved here, if only because of the lengthy feature list, and configuring NxFilter takes some time and thought. If you’re thinking this sounds extremely flexible, then you’d be right: but it’s just the start. And you’re even able to assign policies based on a time range, so for example an office might have a very loose policy at lunchtime, but something much more restrictive for the rest of the day. Your policies can then be applied to individual network users, or groups of users. A built-in netflow collector means you’re able to set bandwidth limits, too. If you need more control, it’s possible to create NxFilter policies which block sites by category (75 in total), or only allow access to particular site categories - or all internet access - for a certain amount of time a day. A browser-based console displays stats on web traffic, blocked domains and more, as well as logging your internet activities. Get NxFilter running on one PC, though, and it brings benefits right away, blocking known phishing sites and using packet inspection to detect some malware. It’s still not difficult - if you’ve created or managed a Windows network then you won’t have much trouble - but if you’re a network novice then it may take a while to figure things out. You’re left to decide how and where you configure your system (or network) DNS servers, and while this makes sense, even the web tutorial doesn’t walk you through every detail. One installation can protect your entire network - and it can all be yours for free. There’s built-in phishing protection, updated every two hours, while packet inspection can detect malware and bots. But the program can block access to websites based on domain, category, user, time, quota and more. NxFilter is a DNS-based web filter, so there’s no text-based content filtering.
0 kommentar(er)
