Using Firewalls to Block Spyware?

MartinMotor asks: "I'm a Network Administrator for a company with approximately 200 users, and we just installed a shiny new PIX. Being the resourceful network geek type, I immediately started adding deny statements to kill off access to places where people can download evil cursed programs like HOTBAR. Is there anywhere out there where people like me are maintaining a list of IPs for spammers, spyware progs, and pop-uppers to add to our firewalls? I can't be the first person to have this idea."

pix spam blocking

[Digita1Prophet]

Try the CAUCE, Osiris Relay, ORBS, and other spam clearing house websites. I was able to pull down spam domains and ip addresses to route to a non-existent port on my firewall.

And don't forget those weather news download sites and gotomypc.com!!!!

If you need some starter lists drop me a note.

Firewalls + a good policy

[rogueMonkey]

Our site denies software installations of any type through Windows policies for anyone but power users (ie.: programmers and not even all of them). Sure there were complaints and groaning... But they weren't for crashing computers anymore. You'd be surprised of the kind of sh*t some cute screen savers (TM) install. DLL messups, preferences mangling! So while firewalling might prevent some of the symptoms of spyware (ie.: call homes) good policies both technically enforced and "socially" enforced go a long way.