[Dshield] Re: List of websites to block

wulfman wulfman at charter.net
Sun Apr 18 20:43:13 GMT 2004


Much overlooked, Ray Marron's, Hostess http://accs-net.com/hostess/ is a
nice program for managing registry based blocks. It was originally developed
to block by making additions to the Hosts file, and still does this, but
also evolved to include the ability to export to the windows registry for
listing to security zones. It has the ability to save entries according to
group as well, and will also clean redundant entries from the list or group.
For anyone who uses the security zones in windows to manage site access,
this is a much more versatile way to amange the list than trying to use the
security zone dialog, which is a bit spartan for features. It can also
manage multiple lists, so additions can be made by catagory. A large Hosts
file list can be a questionable strategy as it can become very difficult to
manage and also adds to boot time... Sometimes, a LOT.

Hostess can help manage a list of this type, but is not a replacement for
user descretion.

Hostess is fully functional freeware, no trail period, or crippling. Please
give consideration to the author for its use by making a donation of
whatever amount seems approriate, should you find it useful.

Hostess will convert a clear text list of domains and or IP Quads into a
file suitable for import to winreg restricted zone. Several clear text lists
of sites are available for download with the program itself.

A relatively simple spreadsheet in addition to Hostess can be used to filter
firewall logs, and a variety of other formatted application specific text
lists into a set of exportable registry entries specific to individual
needs, in addition to the pre-made lists already available for download.
(careful of these, they can be brutaly inclusive).  I would suggest NOT
using the premade lists for use on network machines because they can result
in problems... and whining... lots of whining.

The only real downside I've found to its use is that large lists of either
Hosts file or restricted zone entries will substantially increase time to
boot. When I have used it, it has added as much as 20-30 seconds to boot
time after making large numbers of security zone additions. The interface is
a little clunky looking, shrug...

Regular expression listings are treated as clear text, and are not checked
for syntax, validity or resulting affect, so make sure your Regexp listing
correctly represents your intent before including it in the list. As always,
make a registry backup before doing any sort of  fiddling with the registry,
including import of restricted zone sites. It is possible to write a small
macro for a spreadsheet which can help generate regular expressions from a
formatted list, but it is also probable that this will cause a LOT of
unintended blocking

As is generally the case, flexibility and power, implies a certain number of
decisions by the user, and a certain amount of work, only partially
mitigated by the addional use of a spreadsheet or other filtering program.
User discretion is required to prevent blocking of useful but annoying
commercial sites. Example: Digitalriver which, in my experience, seems to
have very poor opt-in/out management.

Exporting a firewall list of Allowed sites, for use as an assist in setting
up exclusions to blocking, in a spreadsheet filter, can be very helpful, but
one shouldn't use this too blindly either. Bottom line, setting up security
zone blocking requires some work. One can automate parts of it, but the
correctness of the final list used for blocking, is the user's
responsibility.

Several times, I have caused minor problems for network users by being too
hasty to block commercial sites because of borderline abusive behaviour in
their use of UBE, webbugs, or active content. Hostess can be a wonderful
addition to your toolbox, but use it with care.

The upside of this program is that it can by used to generate registry
import files which can be tailored to user groups. These files can them be
remotely uploaded to machines in those groups, seperately, giving different
restricted zones to each group.


More information about the list mailing list