Want to block P2P websites across domain

We have around 50-60 W2K/XP workstations (and 5 W2K servers) behind a SonicWall firewall. We do not have content filtering on the firewall and since we do not have any company policy on internet usage our IT director has no particular desire to upgrade our SonicWall package to include this.

However, one thing I would really like to do is to lock down file sharing sites like LimeWire, BearShare etc. I thought one idea might be to somehow use a script or Group Policy to deploy a Hosts file to each machine on the network with the following entries:

127.0.0.1    www.limewire.com
127.0.0.1    www.bearshare.com
etc...

Whether this would have been a good idea or not, the boss says no because the HOSTS file on a lot of machines are actually used by their quote vendors like Bloomberg, Reuters etc.

So basically my question is, are there any ideas for blocking certain websites on all machines when this cannot be done either at the firewall or by using a blanket HOSTS file?

Any suggestions most welcome.

Cheers.
kevharlowAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mianniCommented:
Don't give the users local admin rights so they will not be able to install any apps without a formal IT request.
Also do you use a proxy ? If not why not ? Squid is free and can run on an old box, then you can write an ACL (accesslist) to block/redirect any URL.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ritchiemCommented:
What is your DNS configuration?

If you run your own DNS then you could put the host names in there and return 127.0.0.1

0
haim96Commented:
proxy server will be the best solution for your problem,
but you can also block the P2P programs ports in the firewall so
the users mybe can access the sites but won't be able to download with P2P programs.
0
OAC TechnologyProfessional NerdsCommented:
see http://pgl.yoyo.org/adservers/

a GREAT resource for blocking stuff. I personally like adding the records to block into your local DNS server. this makes it easy to block. additionally, that site above has some tweaks that allow you to block all subdomains of the forbidden domains, not just www.forbiddendomain.com.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.