Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 261
  • Last Modified:

Using HOSTS File

Hi There
I have a Windows 2003 domain.  And I want to be able to block bad websites using the hosts file from http://www.mvps.org/winhelp2002/hosts.htm.  Looking at the knowledge base here most people have frowned upon distributing this file to client workstations.  I was wanting to know if there was a way to import the hosts file information into the DNS server.  Or if in this situation it was okay to distribute the Hosts file to end users.  If so what would the best way be if the end users don't have administrative rights to their PC's.

Thanks
0
omfgwtflolbbq
Asked:
omfgwtflolbbq
  • 2
  • 2
1 Solution
 
cbdudekCommented:
There is no hosts file import to my knowledge.  If you were using something like Microsoft ISA server, then you could import the sites into that if you found a list that was created for it.

What I would recommend is using a free service like opendns.com.  There are a lot of small companies that use opendns to block pornography and other bad sites out there.  Best of all, its free.  It isn't as robust as Websense, but its better than nothing.
0
 
omfgwtflolbbqAuthor Commented:
Unfortunately we don't have ISA Server.  We are however using pfSense.  Although a quick look there and I couldn't see how to configure using the aforementioned hosts file.  Looking at my DNS Server it does seem that we are using opendns.  I don't know what the previous IT  Manager's login details are so I can't really configure the account and bad sites aren't being filtered.

Maybe copying hosts files to user computers is the way to go?
0
 
cbdudekCommented:
Copying hosts files to the users computers is a very good option.  Especially since you are looking at many many domains to block.  I know there is a way to mass import domains into pfsense that you want to blacklist, however, you have to know XML to do it.  I have never done that, but looking into that as an option is a good option.

As for the opendns login, you can create a new login and set it up from scratch if you would like.  I think the opendns option is a good starter point when it comes to blocking some nasty sites you don't want access too.  As I said before, it isn't the BEST solution, but it does a pretty good job for free.

You can setup a login script to copy the hosts file over to each system.  Here is a good thread on it.

http://www.petri.co.il/forums/showthread.php?t=13939

0
 
omfgwtflolbbqAuthor Commented:
Hi There
I finally got opendns going.  That and I tried out the host distribution suggestion you made.  Couldn't get group policy startup script going.  But figure OpenDNS is enough.
Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now