FSAV PSB firewall deny rule, instead of Windows hosts file 127.0.0.1-ing?

etomcatetomcat Posts: 1,319 Superuser

Dear Sirs,

 

It is a time-honoured tradition to edit the Windows "system32/drivers/etc/hosts" to add a loopback or null entry for non-desirable site names, like blocking "ads.adfox.ru" and "textad.eroticmatch.com" et c.

 

With Windows 8.1, this habit is facing big obstacles, because there is a lot of UAC and sysrestore protection against modifying the hosts file and the computer slows down if the hosts file exceeds ~128kByte, while many adsite-badsite banning lists are 384-512kB in size. This problem can't be fixed without turning off the DNS Client service but then AD domain won't work properly.

 

So I thought of creating a traffic deny rule in FSAV PSB personal firewall "Internet Shield" against undesirable DNS names, to achieve the same hostfile-like functionality. Is that even possible? (I heard every setting is theoretically limited to max. 8kB in F-Secure, due to use of SNMP MIB structures.) If supported, is it possible to import from file or is it necessary to copy-paste each line manually?

 

Thanks for your kind attention, Sincerely:

Tamas Feher, Hungary.

Best Answer

Comments

  • VadVad Posts: 1,068 F-Secure Employee

    Hello Tamas,

     

    Yes, currently there is 8kB limitation for a policy setting on a PSB portal side.

    As a workaround you can create several firewall rules.

    Unfortunately, import from a file is not supported.

     

    Best regards,

    Vad

    etomcat
This discussion has been closed.