Want to block P2P websites across domain

Posted on 2006-03-20
Medium Priority
Last Modified: 2012-06-22
We have around 50-60 W2K/XP workstations (and 5 W2K servers) behind a SonicWall firewall. We do not have content filtering on the firewall and since we do not have any company policy on internet usage our IT director has no particular desire to upgrade our SonicWall package to include this.

However, one thing I would really like to do is to lock down file sharing sites like LimeWire, BearShare etc. I thought one idea might be to somehow use a script or Group Policy to deploy a Hosts file to each machine on the network with the following entries:    www.limewire.com    www.bearshare.com

Whether this would have been a good idea or not, the boss says no because the HOSTS file on a lot of machines are actually used by their quote vendors like Bloomberg, Reuters etc.

So basically my question is, are there any ideas for blocking certain websites on all machines when this cannot be done either at the firewall or by using a blanket HOSTS file?

Any suggestions most welcome.

Question by:kevharlow

Accepted Solution

mianni earned 336 total points
ID: 16235336
Don't give the users local admin rights so they will not be able to install any apps without a formal IT request.
Also do you use a proxy ? If not why not ? Squid is free and can run on an old box, then you can write an ACL (accesslist) to block/redirect any URL.

Expert Comment

ID: 16235796
What is your DNS configuration?

If you run your own DNS then you could put the host names in there and return

LVL 13

Assisted Solution

haim96 earned 332 total points
ID: 16240151
proxy server will be the best solution for your problem,
but you can also block the P2P programs ports in the firewall so
the users mybe can access the sites but won't be able to download with P2P programs.

Assisted Solution

by:OAC Technology
OAC Technology earned 332 total points
ID: 16484630
see http://pgl.yoyo.org/adservers/

a GREAT resource for blocking stuff. I personally like adding the records to block into your local DNS server. this makes it easy to block. additionally, that site above has some tweaks that allow you to block all subdomains of the forbidden domains, not just www.forbiddendomain.com.


Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question