FSAV PSB firewall deny rule, instead of Windows hosts file 127.0.0.1-ing?
It is a time-honoured tradition to edit the Windows "system32/drivers/etc/hosts" to add a loopback or null entry for non-desirable site names, like blocking "ads.adfox.ru" and "textad.eroticmatch.com" et c.
With Windows 8.1, this habit is facing big obstacles, because there is a lot of UAC and sysrestore protection against modifying the hosts file and the computer slows down if the hosts file exceeds ~128kByte, while many adsite-badsite banning lists are 384-512kB in size. This problem can't be fixed without turning off the DNS Client service but then AD domain won't work properly.
So I thought of creating a traffic deny rule in FSAV PSB personal firewall "Internet Shield" against undesirable DNS names, to achieve the same hostfile-like functionality. Is that even possible? (I heard every setting is theoretically limited to max. 8kB in F-Secure, due to use of SNMP MIB structures.) If supported, is it possible to import from file or is it necessary to copy-paste each line manually?
Thanks for your kind attention, Sincerely:
Tamas Feher, Hungary.