While it sounds simple in principle, configuring a firewall isn’t a task to take lightly. Blocking access to a site (or sites) is no exception. Like most things in IT there are several ways to accomplish the task; some are harder than others.
Does the site(s) have a single IP address? Or are there multiple aliases? Can you block access to the site’s DNS server? Do you plan to block the IP address? The URL? Does the target site move/jump around as is the case with a web server hosting a phishing scam? Is the site hosted on multiple Akami servers? Can you take advantage of subnet masking to hit a range of IP addresses?
As you plow forward ask yourself: what tools can I use to help in the process? Resources like Dig, NSLookup, and Whois may make things easier. Perhaps the answer lies in a hybrid solution where you use all of the above. As I’ve said in class several times before, it’s important you leverage everything you know.
