[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


can i use server 2k3 internal dns to stop access to certain sites on the internet?

Posted on 2007-10-12
Medium Priority
Last Modified: 2010-04-07
i have a server 2k3 domain with about 60 users. i am running dns on 2 of my DC's. i am having an issue where i need to stop access to certain sites on the internet (myspace, webmail pages, ect) can i use my internal dns server to redirect them "nowhere" so they recieve "page not found"?

this is just a temp fix for a growing problem. i am looking into a permanent solution but would appreciate a quick down and dirty workaround in the meantime.

EE rocks
Question by:joewy1

Accepted Solution

oldhammbc earned 668 total points
ID: 20065192
yep that would work, simply add the zone to dns and set the ip address's to point to
If you wanted to be really cleaver you could pop an IIS server on your network and create a standard block page and then set the dns entries for the sites you want blocking to that iis server!
If your looking for a more perminant solution id recomend webmarshal or websense!


Dave J
LVL 10

Assisted Solution

Darylx earned 668 total points
ID: 20065197
You'd have to create zones on your internal DNS server.  For example, create a primary zone named myspace.com.  Add a host record for www pointing to whatever IP you want.  When the user go to www.myspace.com, their computers will query your DNS server which will return the IP you specify...  down and dirty.

A proxy server would be a better permanent solution.
LVL 11

Assisted Solution

rvthost earned 664 total points
ID: 20065200
Hi - sure for quick and dirty to stop most people, you can use your internal DNS assuming your clients all point to your servers.  Add the domain zone ebay.com to your DNS server for example and redirect it to  
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

LVL 11

Expert Comment

ID: 20065202
Nice, 3 responses all at the same time ;-)
LVL 10

Expert Comment

ID: 20065210
pretty much what oldhammbc said, but a minute later.

Author Comment

ID: 20095426
EE rocks !!!! three answers at the same time!!!! i had to split 'em up (points)

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question