Re: Windows server,DNS and unwanted junk
From: Solbu (solbu_at_ugyldig.start.no)
Date: Wed, 02 Jun 2004 09:48:21 +0200
-----BEGIN PGP SIGNED MESSAGE-----
On tirsdag 1. juni 2004, 20:28 Nikitas tried to express an opinion:
> The idea is I like to put a blacklist of known sites
> somewhere in DNS on the server so they wont resolve on the local lan. Any
> suggestions or web links to help me in this is appreciated.
I do something similar, only I use my own DNS server to accomplish this.
I have a dedicated zone file for such domains in my dns server (BIND on Linux).
I simply let my dns server to be primary dns server for these domains,
and points the only "a record" to ip address 127.0.0.2 (not 127.0.0.1).
Then I set up my computers in the network to use my DNS server
as primary DNS, some even got this as the only dns server.
I primary used this to block advertizments on internet for users
who refused to use my proxy server.
The advantage of using this method, is that I don't have to maintain
a hosts file in order to keep up with the changing adresses within the domain.
(The hosts file also work for that machine only.)
I just add the domain in the dns server,
use the blocked.zone file for the domain,
and the domain is no longer accesible. :-)
(doubleclick.net is one of the domains blocked here.. hehe.)
Just add the domains you want blocked to the server, and it's gone.
Solbu - http://www.solbu.net
Remove 'ugyldig' for email
PGP key ID: 0xFA687324
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----