Archived from groups: microsoft.public.win2000.dns (
More info?)
That is why I state "Depending on your needs" - as with many things, the
answer is "it depends" and I think the solutions should be evaluated by his
needs. He only indicated one site he was worried about and a DNS solution
does have its short comings in some cases. Mainly if you need to do small
things with internal servers like forward/rDNS lookup comparisons for syslog
files, web server logs, IDS logs, SPF checks, and other issues. If the
servers are AD authenticating then you are short changing your capabilities
to solve problems for those servers and limiting the capabilities of those
services.
Proxy solutions are excellent methods but can be hard for small business to
set up and maintain. Sometimes HOSTS is a quick and easy fix.
Regards,
Ed Horley
Microsoft MVP Server-Networking
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23rdH%23Xa2EHA.2540@TK2MSFTNGP09.phx.gbl...
> "Ed Horley" <no-spamed-usergroups1@yahoo.com> wrote in message
> news:uqWDhiY2EHA.3132@TK2MSFTNGP14.phx.gbl...
>> Depending on your needs you can also do stuff with host files on the
>> local
>> workstations. You can read up at:
>>
http://www.mvps.org/winhelp2002/hosts.htm
>> Just another option.
>
> Yes, but this has at least two significant problems.
>
> Distribution of the file and the fact that on some versions
> of the OS (Win2000 for sure) the very large hosts files
> can tie up the process each time they are loaded (at
> machine startup and on ANY edit.)
>
> I suspect the latter was fixed in XP or Win2003 but it
> could take out an entire CPU for up to an hour on fairly
> recent versions.
>
> Doing it centrally at the (Internet connecting) DNS server
> is a lot easy to manage.
>
> --
> Herb Martin
>
>
>>
>> Regards,
>> Ed Horley
>> Microsoft MVP Server-Networking
>>
>> "James W. Long" <JamesLong@Dunhamshq.com> wrote in message
>> news:0K1sd.38393$Qv5.23578@newssvr33.news.prodigy.com...
>> >
>> > Dear All:
>> >
>> > In the DNS cache I have "wildtangent". I know this to be spyware
>> > games.
>> > is it possible to block this from within my DNS? like pointing it to
>> > 127.0.0.1?
>> >
>> > Wouldnt clients just get that resolved elewhere anyway?
>> >
>> > proly a security question...so how do I block everything comming/going
>> > to that site ?
>> >
>> > Thanks in advance
>> >
>> > James W. Long
>> >
>> >
>> >
>>
>>
>
>