Using the MVPS HOSTS File Block List on the ISA Firewall to Block Non-Productive Sites

By /

Great post by Rob John over on the Web boards at http://forums.isaserver.org/Hosts_file_to_block_ba…

======================

To all,
I discovered a good little trick tonight, maybe you’ve seen it before, but here goes.
I’ve been considering the installation of a blackhole DNS solution to supplement all the other layers of our computer security.  I haven’t been really keen on the idea because of the need for another DNS server and the upkeep of the records wasn’t exactly easy and quick.

I’ve known about the hosts files on the Internet for a long time that are useful to home users, and decided to play with it a little tonight at home.  I couldn’t get my DNS server to use it, didn’t think it would, but I tried.  I then applied the host file to my ISA2004 server, after a reboot, it worked and actually speed up client response times and blocked instantly.  This is on a small home network, so I don’t know the impact yet in a large environment, I suspect the benefit will be similar.

The purpose of the blackhole DNS and a appropriate hosts file is to block spyware, adware and other malicious or annoying sites, such as ads, banners, counters and such.  By using the hosts file, the site resolves to 127.0.0.1 immediately, or any address you want to specify.
I used the hosts file from http://www.mvps.org/winhelp2002/hosts.htm.  I also reviewed their criteria, and it was very thorough. They mention on the site that the hosts file is updated periodically.

The benefit is that I can now take this to work and protect my entire enterprise, with another layer of protection, that is easily updated and maintained.  Kudos to the mvps.org folks for a great service.

One caveat to using the hosts file, it appears to have no effect on firewall traffic, but worked great on proxy traffic.  If your network allows web traffic only through the proxy, this should help greatly.
Best wishes,
_____________________________
Rob John
MCSE, CCNA

============================

HTH,

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: [email protected]
MVP — Microsoft Firewalls (ISA)

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top