Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

XP SP2 - Protected HOSTS file?

Status
Not open for further replies.
ElijahBaley

ElijahBaley

IS-IT--Management
May 4, 2001
1,598
GB
Hi

Does anyone know if Microsoft have implemented some sort of protection on the hosts file in SP2 after attacks from mydoom etc?

Can Windows resolve to windowsupdate.microsoft.com without DNS or a Host file entry? (is there a secret encrypted host file?)

All I want to do is disable DNS lookups an some standalone workstations but allow them to connect to windows update, symantec live update etc, I was hoping to do this through the hosts file, but any entries related to microsoft.com do not work!

Any advice appreciated,



..EB


"Smoke me a kipper, I'll be back for breakfast!"

"Captain A.J. Rimmer, Space Adventurer!"
 
Sort by date Sort by votes
I can't use hosts to change windowsupdate but I can add in fictitious subdomains of MS.
Could be embedded to stop new hosts files redirecting - it would be sensible...

grope.microsoft.com now points to my firewall and resolves fine.
 
Upvote 0 Downvote
Thanks for your comments Zel

So if I disable DNS I can't get a connection to windows update.

I wonder if there is a reg entry that could be used to redirect to an IP address?



..EB


"Smoke me a kipper, I'll be back for breakfast!"

"Captain A.J. Rimmer, Space Adventurer!"
 
Upvote 0 Downvote
If your DNS doesn't resolve the name to IP then it will be forwarded to your ISP then eventually to the A,B,C etc DNS servers etc.

If you disable DNS then there is no name to IP resolution unless you use WINS which is completly useless anyway[wink].

We may have to think out of the box a wee bit for this one.

Would hosts not possibly be protected a la dll cache, might be worth a look. 9:00 pm and I am not doing it now.

Here is an initial thought. Create a New DNS server, that cannot forward requests to anywhere else, but have entries for windows updates and those and such as those you want them to get. Then point the limited clients at that.



[blue]Arguably the best cat skinner around ! [/blue]

Cheers
Scott
 
Upvote 0 Downvote
Cheers Scott

WINS is only for resolving NetBios names, so I do not think it comes into play in this scenario.

What I am trying to do is set up single standalone XP Pro machines which will use terminal services over a DSL connection for all services. I want to completely disable a local users ability to use the DSL connection for web browsing, while still allowing Symantec liveupdates and Microsoft Windows updates - I had thought this would be simple, until I discovered I could not make effective entries in the host file for any.microsoft.com

I agree with Zel, that it makes sense for MS to do this - however it does not help with my problem...

[ducky]



..EB


"Smoke me a kipper, I'll be back for breakfast!"

"Captain A.J. Rimmer, Space Adventurer!"
 
Upvote 0 Downvote
Off the wall this one, replace the XP box with a winterm. No option but to go terminal services.

[blue]Arguably the best cat skinner around ! [/blue]

Cheers
Scott
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Egghead2
  • Locked
  • Question
File Transfer Issue Using Active FTP - Port Command
Replies
1
Views
217
allworxguy
allworxguy
malpa
  • Locked
  • Question
Read pcap file and filter smpp protocol
Replies
0
Views
121
malpa
malpa
3rdParty
  • Locked
  • Question
Tool for text file logging
Replies
0
Views
120
3rdParty
3rdParty
JonRose
  • Locked
  • Question
Computer not accessible on XP wireless LAN
Replies
1
Views
115
Guthro
Guthro
esolvepolito
  • Locked
  • Question
is it possible for a host to maintain a tcp connection with two hosts with the same IP?
Replies
4
Views
243
VinceWhirlwind
VinceWhirlwind

Part and Inventory Search

Sponsor

Back
Top