Solved

Using HOSTS File

Posted on 2009-05-17
4
251 Views
Last Modified: 2012-05-07
Hi There
I have a Windows 2003 domain.  And I want to be able to block bad websites using the hosts file from http://www.mvps.org/winhelp2002/hosts.htm.  Looking at the knowledge base here most people have frowned upon distributing this file to client workstations.  I was wanting to know if there was a way to import the hosts file information into the DNS server.  Or if in this situation it was okay to distribute the Hosts file to end users.  If so what would the best way be if the end users don't have administrative rights to their PC's.

Thanks
0
Comment
Question by:omfgwtflolbbq
  • 2
  • 2
4 Comments
 
LVL 1

Expert Comment

by:cbdudek
ID: 24408830
There is no hosts file import to my knowledge.  If you were using something like Microsoft ISA server, then you could import the sites into that if you found a list that was created for it.

What I would recommend is using a free service like opendns.com.  There are a lot of small companies that use opendns to block pornography and other bad sites out there.  Best of all, its free.  It isn't as robust as Websense, but its better than nothing.
0
 

Author Comment

by:omfgwtflolbbq
ID: 24408912
Unfortunately we don't have ISA Server.  We are however using pfSense.  Although a quick look there and I couldn't see how to configure using the aforementioned hosts file.  Looking at my DNS Server it does seem that we are using opendns.  I don't know what the previous IT  Manager's login details are so I can't really configure the account and bad sites aren't being filtered.

Maybe copying hosts files to user computers is the way to go?
0
 
LVL 1

Accepted Solution

by:
cbdudek earned 500 total points
ID: 24411146
Copying hosts files to the users computers is a very good option.  Especially since you are looking at many many domains to block.  I know there is a way to mass import domains into pfsense that you want to blacklist, however, you have to know XML to do it.  I have never done that, but looking into that as an option is a good option.

As for the opendns login, you can create a new login and set it up from scratch if you would like.  I think the opendns option is a good starter point when it comes to blocking some nasty sites you don't want access too.  As I said before, it isn't the BEST solution, but it does a pretty good job for free.

You can setup a login script to copy the hosts file over to each system.  Here is a good thread on it.

http://www.petri.co.il/forums/showthread.php?t=13939

0
 

Author Closing Comment

by:omfgwtflolbbq
ID: 31582480
Hi There
I finally got opendns going.  That and I tried out the host distribution suggestion you made.  Couldn't get group policy startup script going.  But figure OpenDNS is enough.
Thanks
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now