Can't your spyware just change/delete the host entries again? Or use an IP address (or do you configure static routes for the subnets that the IP addresses reside in that those host entries point to?)
Has this tactic ever helped anyone in a spyware-on-the-server situation? (except possibly in a SOHO situation where the server's been treated like a desktop?) Cheers Ken -- My IIS Blog: www.adOpenStatic.com/cs/blogs/ken Tech.Ed Sydney: learn all about IIS 7.0 - See you there! : -----Original Message----- : From: [EMAIL PROTECTED] [mailto:ActiveDir- : [EMAIL PROTECTED] On Behalf Of Kevin Brunson : Sent: Thursday, 13 July 2006 3:00 AM : To: ActiveDir@mail.activedir.org : Subject: RE: [ActiveDir] Multihomed Domain Controllers : : I have definitely found the hosts file to be useful on servers to keep : them from EVER getting to spyware sites. This guy has a great list : : http://pgl.yoyo.org/adservers/serverlist.php?showintro=0&hostformat=hos : t : s : : Just cut and paste into the hosts file and you are good to go. I : scripted it for all of the servers I deal with. But I guess this is : getting pretty far OT: :) : Kevin : : -----Original Message----- : From: [EMAIL PROTECTED] : [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, : CPA aka Ebitz - SBS Rocks [MVP] : Sent: Wednesday, July 12, 2006 10:41 AM : To: ActiveDir@mail.activedir.org : Subject: Re: [ActiveDir] Multihomed Domain Controllers : : In the year 2006.. I hope we are still not making host file entries on : servers and workstations.... :-) : : Peter Johnson wrote: : : > You might want to then create entries in the host file on the backup : > server so that you guarantee that the backup server always uses the : > right network connection. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
