Can I use server 2k3 internal DNS to stop access to certain sites on the internet?

Posted on 2007-10-12
Last Modified: 2010-04-07
I have a server 2k3 domain with about 60 users. I am running DNS on 2 of my DCs. I am having an issue where I need to stop access to certain sites on the internet (myspace, webmail pages, etc.). Can I use my internal DNS server to redirect them "nowhere" so they receive "page not found"?

This is just a temp fix for a growing problem. I am looking into a permanent solution but would appreciate a quick down and dirty workaround in the meantime.

EE rocks
Question by: joewy1
    LVL 8

    Accepted Solution

    Yep, that would work. Simply add the zone to DNS and set the IP addresses to point to
    If you wanted to be really clever you could pop an IIS server on your network and create a standard block page and then set the DNS entries for the sites you want blocking to that IIS server!
    If you're looking for a more permanent solution I'd recommend webmarshal or websense!


    Dave J
    LVL 10

    Assisted Solution

    You'd have to create zones on your internal DNS server.  For example, create a primary zone named  Add a host record for www pointing to whatever IP you want.  When the users go to, their computers will query your DNS server which will return the IP you specify...  down and dirty.

    A proxy server would be a better permanent solution.
    LVL 11

    Assisted Solution

    Hi - sure for quick and dirty to stop most people, you can use your internal DNS assuming your clients all point to your servers.  Add the domain zone to your DNS server for example and redirect it to  
    LVL 11

    Expert Comment

    Nice, 3 responses all at the same time ;-)
    LVL 10

    Expert Comment

    Pretty much what oldhammbc said, but a minute later.

    Author Comment

    EE rocks!!!! Three answers at the same time!!!! I had to split 'em up (points)
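
The zone-and-host-record steps described in the answers above, scripted with dnscmd as an added example (not code from the thread). The domain names and the block-page address 192.0.2.10 are constructed placeholders, and the zones are assumed to be Active Directory-integrated so that they replicate to both DCs.

```batch
@echo off
rem Added example: override public domains on the internal DNS server.
rem Run on one of the DCs that hosts DNS. dnscmd.exe ships with the
rem Windows Server 2003 Support Tools.
setlocal

rem Constructed placeholder: address of an internal block page (for
rem instance the IIS server suggested above).
set BLOCK_IP=192.0.2.10

rem Constructed placeholder domains. Replace with the sites to block.
for %%Z in (blocked-example.test webmail-example.test) do (
    rem Create an AD-integrated primary zone. The server is now
    rem authoritative for the whole domain, so nothing under it is
    rem forwarded to the internet any more.
    dnscmd /ZoneAdd %%Z /DsPrimary

    rem Bare domain, www, and a wildcard so that other host names
    rem under the domain resolve to the block page as well.
    dnscmd /RecordAdd %%Z @ A %BLOCK_IP%
    dnscmd /RecordAdd %%Z www A %BLOCK_IP%
    dnscmd /RecordAdd %%Z * A %BLOCK_IP%
)

rem Drop answers the server cached before the zones existed.
dnscmd /ClearCache

rem Check: this should now return the block-page address.
nslookup www.blocked-example.test 127.0.0.1

endlocal
```

Clients keep their own cached answers until they expire or `ipconfig /flushdns` is run, and the override only affects machines that use these DNS servers for resolution.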
