Solved

Using HOSTS File

Posted on 2009-05-17
4
252 Views
Last Modified: 2012-05-07
Hi There
I have a Windows 2003 domain.  And I want to be able to block bad websites using the hosts file from http://www.mvps.org/winhelp2002/hosts.htm.  Looking at the knowledge base here most people have frowned upon distributing this file to client workstations.  I was wanting to know if there was a way to import the hosts file information into the DNS server.  Or if in this situation it was okay to distribute the Hosts file to end users.  If so what would the best way be if the end users don't have administrative rights to their PC's.

Thanks
0
Comment
Question by:omfgwtflolbbq
  • 2
  • 2
4 Comments
 
LVL 1

Expert Comment

by:cbdudek
ID: 24408830
There is no hosts file import to my knowledge.  If you were using something like Microsoft ISA server, then you could import the sites into that if you found a list that was created for it.

What I would recommend is using a free service like opendns.com.  There are a lot of small companies that use opendns to block pornography and other bad sites out there.  Best of all, its free.  It isn't as robust as Websense, but its better than nothing.
0
 

Author Comment

by:omfgwtflolbbq
ID: 24408912
Unfortunately we don't have ISA Server.  We are however using pfSense.  Although a quick look there and I couldn't see how to configure using the aforementioned hosts file.  Looking at my DNS Server it does seem that we are using opendns.  I don't know what the previous IT  Manager's login details are so I can't really configure the account and bad sites aren't being filtered.

Maybe copying hosts files to user computers is the way to go?
0
 
LVL 1

Accepted Solution

by:
cbdudek earned 500 total points
ID: 24411146
Copying hosts files to the users computers is a very good option.  Especially since you are looking at many many domains to block.  I know there is a way to mass import domains into pfsense that you want to blacklist, however, you have to know XML to do it.  I have never done that, but looking into that as an option is a good option.

As for the opendns login, you can create a new login and set it up from scratch if you would like.  I think the opendns option is a good starter point when it comes to blocking some nasty sites you don't want access too.  As I said before, it isn't the BEST solution, but it does a pretty good job for free.

You can setup a login script to copy the hosts file over to each system.  Here is a good thread on it.

http://www.petri.co.il/forums/showthread.php?t=13939

0
 

Author Closing Comment

by:omfgwtflolbbq
ID: 31582480
Hi There
I finally got opendns going.  That and I tried out the host distribution suggestion you made.  Couldn't get group policy startup script going.  But figure OpenDNS is enough.
Thanks
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now