Solved

Using HOSTS File

Posted on 2009-05-17
4
255 Views
Last Modified: 2012-05-07
Hi There
I have a Windows 2003 domain.  And I want to be able to block bad websites using the hosts file from http://www.mvps.org/winhelp2002/hosts.htm.  Looking at the knowledge base here most people have frowned upon distributing this file to client workstations.  I was wanting to know if there was a way to import the hosts file information into the DNS server.  Or if in this situation it was okay to distribute the Hosts file to end users.  If so what would the best way be if the end users don't have administrative rights to their PC's.

Thanks
0
Comment
Question by:omfgwtflolbbq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 1

Expert Comment

by:cbdudek
ID: 24408830
There is no hosts file import to my knowledge.  If you were using something like Microsoft ISA server, then you could import the sites into that if you found a list that was created for it.

What I would recommend is using a free service like opendns.com.  There are a lot of small companies that use opendns to block pornography and other bad sites out there.  Best of all, its free.  It isn't as robust as Websense, but its better than nothing.
0
 

Author Comment

by:omfgwtflolbbq
ID: 24408912
Unfortunately we don't have ISA Server.  We are however using pfSense.  Although a quick look there and I couldn't see how to configure using the aforementioned hosts file.  Looking at my DNS Server it does seem that we are using opendns.  I don't know what the previous IT  Manager's login details are so I can't really configure the account and bad sites aren't being filtered.

Maybe copying hosts files to user computers is the way to go?
0
 
LVL 1

Accepted Solution

by:
cbdudek earned 500 total points
ID: 24411146
Copying hosts files to the users computers is a very good option.  Especially since you are looking at many many domains to block.  I know there is a way to mass import domains into pfsense that you want to blacklist, however, you have to know XML to do it.  I have never done that, but looking into that as an option is a good option.

As for the opendns login, you can create a new login and set it up from scratch if you would like.  I think the opendns option is a good starter point when it comes to blocking some nasty sites you don't want access too.  As I said before, it isn't the BEST solution, but it does a pretty good job for free.

You can setup a login script to copy the hosts file over to each system.  Here is a good thread on it.

http://www.petri.co.il/forums/showthread.php?t=13939

0
 

Author Closing Comment

by:omfgwtflolbbq
ID: 31582480
Hi There
I finally got opendns going.  That and I tried out the host distribution suggestion you made.  Couldn't get group policy startup script going.  But figure OpenDNS is enough.
Thanks
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question