Block sites via host file?


  • Block sites via host file?

    Just wondering if anyone has managed to block certain domain names (i.e. facebook.com) by linking a dummy IP address to it such as 127.0.0.1?

    'facebook.com 127.0.0.1'


    I have edited the hosts file (as above) on my DC but users can still access it.


    Thanks

  • #2
    Re: Block sites via host file?

    you have to do it on every computer. a hosts file is only relevant to a specific machine.
    Please do show your appreciation to those who assist you by leaving Rep Point



    • #3
      Re: Block sites via host file?

      If you need to do that, it will be cheaper in terms of overall time and effort to get a firewall with web filtering, preferably updated by the vendor so you don't need to spend your time finding variations on the domain names you want to block.
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **



      • #4
        Re: Block sites via host file?

        By far not the most elegant solution in terms of administration, but you could also write a batch file and copy the hosts file to all the PCs.
        Here is an example of the batch file: http://forums.petri.com/showpost.php...30&postcount=3
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR



        • #5
          Re: Block sites via host file?

          I have tried it on my PC and I can still access facebook.com

          Rebooted PC, deleted temp files, cookies.

          I added the following to my local host file.

          0.0.0.0 facebook.com
          0.0.0.0 www.facebook.com
          0.0.0.0 http://www.facebook.com

          Any ideas? Could there be something that's making my routes bypass the local host file and letting me go straight to my Cisco firewall?

          Thanks



          • #6
            Re: Block sites via host file?

            Are you sure you're editing the HOSTS file?

            It does not have an extension (so it's not hosts.txt, it's just hosts) and is located in %windir%\system32\drivers\etc


            But I think Tom has the best suggestion. Get a firewall that does web filtering for you.

            Another option is to get an OpenDNS account and they can filter sites for you. (I think they have a free one but you're very limited on how much you can filter.)
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com



            • #7
              Re: Block sites via host file?

              Yes, I'm editing the correct host file (without an extension, in the etc\ folder).

              I only want to be able to block facebook.com on the odd PC, buying web filtering software would cost a fortune for such little use.


              Thanks



              • #8
                Re: Block sites via host file?

                Well if the entries you said you put in the HOSTS file are there then you shouldn't be able to get to facebook.com.

                Note: you don't need http://www.facebook.com in the HOSTS file.

                Could you post the contents of your HOSTS file verbatim and maybe we'll see what the issue is?
                Regards,
                Jeremy

                Network Consultant/Engineer
                Baltimore - Washington area and beyond
                www.gma-cpa.com
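An added example, not part of the thread: a small Python linter for the entry mistakes that appear above (name and address reversed as in the first post, and a URL in place of a hostname as in post #5). `lint_hosts`, its helpers and the sample text are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample reproducing the entry styles posted in this thread.
SAMPLE_HOSTS = """\
# constructed sample hosts file
facebook.com 127.0.0.1
0.0.0.0 facebook.com
0.0.0.0 www.facebook.com   # inline comment
0.0.0.0 http://www.facebook.com
"""

LABEL_RE = re.compile(r"^[A-Za-z0-9_]([A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?$")

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def is_hostname(name):
    name = name.rstrip(".")
    return 0 < len(name) <= 253 and all(LABEL_RE.match(p) for p in name.split("."))

def lint_hosts(text):
    """Return (mappings, problems): hostname -> address, and (line_number, message)."""
    mappings, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments, split on whitespace
        if not fields:
            continue
        addr, names = fields[0], fields[1:]
        if not is_ip(addr):
            hint = " (address and name look reversed)" if names and is_ip(names[0]) else ""
            problems.append((lineno, f"first field {addr!r} is not an IP address{hint}"))
            continue
        if not names:
            problems.append((lineno, "address with no hostname"))
        for name in names:
            if "/" in name:
                problems.append((lineno, f"{name!r} is a URL or path, not a hostname"))
            elif not is_hostname(name):
                problems.append((lineno, f"{name!r} is not a valid hostname"))
            else:
                mappings.setdefault(name.lower(), addr)   # keep the first mapping seen
    return mappings, problems
```

To check a real machine, pass it the text of the file in %windir%\system32\drivers\etc\hosts.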



                • #9
                  Re: Block sites via host file?

                  You're doing it wrong. I'd like to clarify the use of the hosts file: The hosts file is used by the DNS client resolver component, not the DNS server component. An entry in the hosts file on a DNS server will be used by the DNS server when it's acting as a DNS client. For instance, an entry in my W2K8 DNS server's hosts file like this:

                  1.1.1.1 www.facebook.com

                  is loaded into the DNS server's DNS client cache (not its server cache). If I ping www.facebook.com from my DNS server it returns 1.1.1.1 as expected. If I then run nslookup on the DNS server and ask it for www.facebook.com it returns the correct public IP address registered for www.facebook.com as the DNS client component on the DNS server is now asking the DNS server component for resolution (just the way any other DNS client would). It's a confusing idea to wrap your head around, but the DNS server is also a DNS client and when the DNS client component is called into action it acts as any other DNS client does by looking at its own DNS client cache, including any entries pre-loaded from the hosts file. Only when the DNS client component uses the DNS server component (by querying the DNS server(s) configured in its TCP/IP properties, which should be pointed to itself) will the DNS server's cache get populated with the correct information.
                  Any DNS client querying the DNS server will always get the "real" answer and not the hosts entry because the DNS server's DNS client cache is used by the server itself (as a DNS client) and not by the DNS server component.

                  So, if you want to block facebook you have to add an entry to the hosts file on each client machine or add a dummy zone to your DNS server for facebook so that the DNS server thinks it's authoritative for facebook.com and then add a dummy entry for www.facebook.com in the dummy zone.
                  Last edited by joeqwerty; 27th April 2010, 16:24.



                  • #10
                    Re: Block sites via host file?

                    Hey Joe, thanks for posting the workings of it.

                    I think noob0259 is now working from the client HOSTS file since tehcamel posted.
                    Regards,
                    Jeremy

                    Network Consultant/Engineer
                    Baltimore - Washington area and beyond
                    www.gma-cpa.com



                    • #11
                      Re: Block sites via host file?

                      Glad to help.



                      • #12
                        Re: Block sites via host file?

                        Originally posted by noob0259:
                        "Yes, I'm editing the correct host file (without an extension, in the etc\ folder)."

                        Can you try ipconfig /displaydns and check if there are any entries in the resolver cache for facebook?
                        Are you on x64 version by any chance?
                        Some Google searches suggest flushing the client resolver cache (ipconfig /flushdns)
                        and disabling the client resolver service to see if that makes a difference.
                        Caesar's cipher - 3

                        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                        SFX JNRS FC U6 MNGR



                        • #13
                          Re: Block sites via host file?

                          Originally posted by L4ndy:
                          "Can you try ipconfig /displaydns and check if there are any entries in the resolver cache for facebook?
                          Are you on x64 version by any chance?
                          Some Google searches suggest flushing the client resolver cache (ipconfig /flushdns)
                          and disabling the client resolver service to see if that makes a difference."

                          Hi,

                          When I take my laptop home and connect it to my ADSL wireless router the host file modification works fine. When I bring my laptop back into work and log in to the domain (which sits behind a Cisco router and Cisco ASA firewall) it lets me access the site.

                          Nothing for facebook.com shows in the command you showed.

                          Seems to be something on the network rather than the PC itself.

                          Thanks again



                          • #14
                            Re: Block sites via host file?

                            Are you by any chance using a proxy at work?
                            Regards,
                            Jeremy

                            Network Consultant/Engineer
                            Baltimore - Washington area and beyond
                            www.gma-cpa.com
