Use a router to co-ordinate HOSTS to prevent malicious site attacks (1)

Many network administrators encounter malicious website attacks when managing internal networks and preventing viruses. Many employees' computers often access malicious websites automatically due to the accidental installation of rogue software, as a result, the virus can spread in a wide range. In the past, we used to edit the HOSTS file of the employee's computer to point the illegal site to the 127.0.0.1 address and filter it out. However, this method is relatively cumbersome and increases the workload of network administrators, is there a way to filter Intranet domain name access in batches? The answer is yes. Today, I would like to invite you to use the routers to manage HOSTS files to prevent unauthorized access to malicious sites.

I. How to use a router to co-ordinate HOSTS to prevent malicious site Attacks:

At the beginning, we introduced the traditional way to prevent employees' computers from accessing malicious website domain names by editing HOSTS files. In our system directory, c: the file exists in the \ windows \ system32 \ drivers \ etc directory. The HOSTS file takes precedence over DNS resolution during function running, to put it bluntly, the domain name ing relationship exists here will be used directly, so after you specify the IP address of the malicious site in the HOSTS file, when you access these malicious sites, they are automatically forwarded to the specified IP address to avoid viruses and Trojans. (1)

The ing relationships added to the HOSTS file are similar to those in the format of "127.0.0.1 www.sex.com", so that the computer automatically points to 127.0.0.1 when accessing www.sex.com from the local machine, this avoids being infected by rogue plug-ins and virus programs on www.sex.com. (2)

However, the efficiency of modifying the HOSTS file is too low. When there are dozens or even hundreds of computers in the enterprise, we need to edit the HOSTS repeatedly to filter the files. The overall implementation efficiency is relatively low, and once a new malicious site appears, we need to re-execute all the above operations to add new entries.

In fact, we can manage the DNS function of the HOSTS file from the router, which avoids the heavy work of repeatedly editing HOSTS to each host, on the other hand, it provides a more convenient way to update the corresponding entries of the HOSTS file in the future.