Use DNS Server to block IPs of bad sites

Guest
Archived from groups: microsoft.public.win2000.dns

There are some websites I would rather my users not go to.
Since all the PCs use the Windows 2000 Server for DNS
resolution, I was wondering if there was a way I could add
an address and give it the IP of 127.0.0.1. Then when a PC
tried to resolve the name it would not be able to find the
page.

Using Windows 2000 Server and AD Domain.

Thanks!
 
Guest

In news:0bbc01c49682$96a44780$a401280a@phx.gbl,
Techpriest <anonymous@discussions.microsoft.com> made a post then I
commented below
> There are some websites I would rather my users not go to.
> Since all the PCs use the Windows 2000 Server for DNS
> resolution, I was wondering if there was a way I could add
> an address and give it the IP of 127.0.0.1. Then when a PC
> tried to resolve the name it would not be able to find the
> page.
>
> Using Windows 2000 Server and AD Domain.
>
> Thanks!

For each site, you could create that domain name, and then create a www
entry for it. For the www entry and the (same as parent) entry, give it
127.0.0.2, not 127.0.0.1, which will point back to each user's machine.

However, this would be tedious and archaic. Really what you should have is a
proxy or ISA server to accomplish this.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Guest

T> There are some websites I would rather my users not go to.

Then either configure a proxy HTTP server with a blacklist or require
that all web browsers be configured with a blacklist (via PAC script or
some such). The DNS is not the tool for this job.
 

obiwan


In addition to the good suggestions from
Ace and Jonathan, I may suggest that you
have a look at this site

http://pgl.yoyo.org/adservers/

which has "ready to use" blocklists in many
different formats along with installation tips
which may be of help in setting up your own
blocking scheme.

Regards


--

* ObiWan

Microsoft MVP: Windows Server - Networking
http://mvp.support.microsoft.com
http://italy.mvps.org
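
Added example, not part of any post in this thread: a sketch that automates the per-site zone creation Ace describes, fed from a blocklist of the kind ObiWan points to. It assumes dnscmd (Windows Support Tools) is available on the DNS server, that the zones should be AD-integrated (/DsPrimary), and that the list holds hosts-file lines or bare names; the sample list is constructed.

```python
import re

SINK_IP = "127.0.0.2"  # address suggested in the thread
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one DNS hostname label

# Constructed sample input: hosts-file lines and bare names mixed.
SAMPLE = """\
# constructed sample, not a real blocklist
127.0.0.1 ads.example.com
tracker.example.net
www.tracker.example.net
0.0.0.0  Ads.Example.com   # duplicate, different case
not a hostname & junk
localhost
"""

def parse_blocklist(text):
    """Return unique, validated zone names in first-seen order."""
    seen, zones = set(), []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) not in (1, 2):      # blank, or not "name" / "ip name"
            continue
        name = fields[-1].lower().rstrip(".")
        if name.startswith("www."):        # www is added per zone below
            name = name[4:]
        labels = name.split(".")
        # Strict validation: the names end up in a command file, so anything
        # outside hostname syntax (spaces, &, |, quotes) is dropped.
        if len(labels) < 2 or not all(LABEL.fullmatch(l) for l in labels):
            continue
        if name not in seen:
            seen.add(name)
            zones.append(name)
    return zones

def dnscmd_lines(zones):
    """Emit dnscmd commands: one zone per site, apex and www -> SINK_IP."""
    cmds = []
    for z in zones:
        cmds.append(f"dnscmd /ZoneAdd {z} /DsPrimary")       # assumes AD-integrated
        cmds.append(f"dnscmd /RecordAdd {z} @ A {SINK_IP}")  # (same as parent)
        cmds.append(f"dnscmd /RecordAdd {z} www A {SINK_IP}")
    return cmds

if __name__ == "__main__":
    print("\n".join(dnscmd_lines(parse_blocklist(SAMPLE))))
```

Creating a zone makes the server authoritative for the whole domain, so every other name under it stops resolving for clients of that server. Review the generated commands before running them.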