Go Back   AnandTech Forums > Hardware and Technology > Networking

Forums
· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals with Free Stuff/Contests
· Black Friday 2014
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions
   

Reply
 
Thread Tools
Old 01-19-2010, 01:05 PM   #1
sao123
Lifer
 
sao123's Avatar
 
Join Date: May 2002
Location: Steeler Nation
Posts: 12,009
Default using hosts file as http whitelist

I have some public accessworkstations, which I need to limit to certain internet websites. To accomplish this, i am disabling DNS, and setting up a hosts file to enable certain permitted sites to be browsed.
However, doing this, will prevent windows updates from being downloaded.

Does anyone know the proper entries neeeded for my hosts file to re-enable windows update?
__________________
Quote:
Originally posted by: Eaglekeeper
Most anyone in the US that grew up in the city/inner city does not have the skills/knowledge to properly survive off the land.

Originally posted by: Dank69
It's (expletive deleted) easy. Throw seeds on the ground. Plants sprout. Pick hamburgers. Repeat.
sao123 is offline   Reply With Quote
Old 01-19-2010, 02:24 PM   #2
ViviTheMage
Lifer
 
ViviTheMage's Avatar
 
Join Date: Dec 2002
Location: Minneapolis
Posts: 35,215
Default

try these

download.windowsupdate.com
v5.windowsupdate.microsoft.com

also, if it doesn't work, deploy your own SuS?
__________________
Mad Genius Hosting -Web hosting, Cloud VPS, and Dedicated solutions...
30% off ALL services : AT30-vivi

vivi's blog

238-0-0

Last edited by ViviTheMage; 01-19-2010 at 02:27 PM.
ViviTheMage is offline   Reply With Quote
Old 01-19-2010, 04:27 PM   #3
Fallen Kell
Diamond Member
 
Fallen Kell's Avatar
 
Join Date: Oct 1999
Posts: 3,924
Default

Make sure you disable nslookup as well then. Anyone who knows anything about how the internet works will simply bring up a command window and do a nslookup to 4.2.2.1 (or any of the original base DNS servers on the net), get the IP and then enter the IP in the browser...
__________________
We were all warned of MS problems many years ago; remember how the Magic 8 Ball always said: "Outlook not so good"?
Server
HTPC
Fallen Kell is offline   Reply With Quote
Old 01-19-2010, 05:30 PM   #4
Nothinman
Elite Member
 
Nothinman's Avatar
 
Join Date: Sep 2001
Posts: 30,672
Default

Quote:
Originally Posted by sao123
I have some public accessworkstations, which I need to limit to certain internet websites. To accomplish this, i am disabling DNS, and setting up a hosts file to enable certain permitted sites to be browsed.
However, doing this, will prevent windows updates from being downloaded.
That's not a good solution. You really should be making them browse through a proxy and then setup a whitelist on the proxy. That also ensures that no one brings in their own machine and uses that intead.

Quote:
Originally Posted by Fallen Kell
Make sure you disable nslookup as well then. Anyone who knows anything about how the internet works will simply bring up a command window and do a nslookup to 4.2.2.1 (or any of the original base DNS servers on the net), get the IP and then enter the IP in the browser...
Which will likely fail anyway because without the HTTP Host header given it'll just return the default website for that server which may or may not be the one you're aiming for.
__________________
http://www.debian.org
Nothinman is offline   Reply With Quote
Old 01-19-2010, 07:04 PM   #5
xSauronx
Lifer
 
xSauronx's Avatar
 
Join Date: Jul 2000
Location: Eastern NC
Posts: 19,318
Default

seconded on the proxy and wsus suggestions. a wsus server is really easy to set up (though, with thousands of updates to filter from the start, can be tedious) and clients can be configured easily with a GPO. if you have a server that needs some action and has some disk space, a wsus server is worth setting up.
__________________
LET'S GO 'CANES [they arent going anywhere. ever.]
Free speech doesn't protect speech you like, it protects speech you hate.

Heatware |
xSauronx is offline   Reply With Quote
Old 01-19-2010, 07:38 PM   #6
sao123
Lifer
 
sao123's Avatar
 
Join Date: May 2002
Location: Steeler Nation
Posts: 12,009
Default

guess I have to be a bit more specific.

These systems are located at each of 40 semi-secure locations. (each essentially a 8x8 wooden shed with an attached outhouse on government property)
Each location has a single DSL/Cable/Verizon Aircard, and a netgear/linksys/dlink wired 4 port router.

Each location has 2 foreman each having a laptop which require full internet access. The above described desktop is to be a restricted weather terminal for all the non-foreman employees to use. it has guest level priviliges only with no logon password, and the internet is to be restricted to only our 4 permitted weather sites. (weather data is critical to our business).

due to the large number of sites, and complete lack of servers, I cant do SuS.
Due to the foremans requirements I cant do this at the router level...well at least not with $40 walmart routers.
__________________
Quote:
Originally posted by: Eaglekeeper
Most anyone in the US that grew up in the city/inner city does not have the skills/knowledge to properly survive off the land.

Originally posted by: Dank69
It's (expletive deleted) easy. Throw seeds on the ground. Plants sprout. Pick hamburgers. Repeat.
sao123 is offline   Reply With Quote
Old 01-21-2010, 01:47 PM   #7
sao123
Lifer
 
sao123's Avatar
 
Join Date: May 2002
Location: Steeler Nation
Posts: 12,009
Default

Quote:
Originally Posted by ViviTheMage View Post
try these

download.windowsupdate.com
v5.windowsupdate.microsoft.com
great start on a partial list, but i need more addresses than this.
__________________
Quote:
Originally posted by: Eaglekeeper
Most anyone in the US that grew up in the city/inner city does not have the skills/knowledge to properly survive off the land.

Originally posted by: Dank69
It's (expletive deleted) easy. Throw seeds on the ground. Plants sprout. Pick hamburgers. Repeat.
sao123 is offline   Reply With Quote
Old 01-21-2010, 03:08 PM   #8
skyking
Lifer
 
skyking's Avatar
 
Join Date: Nov 2001
Posts: 15,967
Default

www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us

That's what I get from my xp pro sp3 updated machine.
__________________
Heat

skyking is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 05:08 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.