Block Pandora using DNS in a AD 2003 environmnet

Posted on 2011-04-20
Medium Priority
Last Modified: 2012-05-11
Hello Experts,

We have a ton of users that are using pandora and eating up bandwidth.  I would like to configure DNS so that when a user tries to access www.pandora.com, they are rerouted to our internal web page.  Based on information that I have found here and on the web, I have done the following:
1.  From our DNS server (which is also a 2003 domain controller), I have created a new forward lookup zone.  I have tried this as both a primary DNS zone and an AD integrated DNS zone.
2.  Once the zone was created, I added a new A record.  For the name of the A record I entered "*".  For the IP I entered the internal IP of our intranet site
3.  I cleared the DNS cache
4.  Opened IE and typed www.pandora.com and was taken right to the pandora site.

What am I missing here?

Question by:ndalmolin_13
  • 3
  • 2
LVL 14

Accepted Solution

Kaffiend earned 2000 total points
ID: 35437655
1.  Create an A record - www, and point that at your intranet address ?

2.  Also, rather than use " * " for the first A record that you created, you should just leave it blank.
(you can test whether this is good advice by typing in *.pandora.com in your web browser)

Try that.

Author Closing Comment

ID: 35442777
That did it
LVL 14

Expert Comment

ID: 35442920
You blocked Pandora?  Let the phone calls begin !!!  :-)

BTW, you do realize that there will always be some users who get around the DNS trick - an enterprising music-starved person might just use an IP address.  Might be better to do it at the firewall if you have equipment that allows you to do that.
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!


Expert Comment

ID: 35691402
I had a very hard time finding servers to block at my firewall but have had success blocking
LVL 14

Expert Comment

ID: 35693196
BillMars  - that's kind of harsh, blocking 200-something IPs.  Hope there's no collateral damage  ;-)

Expert Comment

ID: 35693259
We are a small company and if we have any users that can't get to a site I will hear about it pretty quickly.  So far it hasn't been an issue.  I know Pandora is using a lot of those IPs although all that I have seen have been in the sub .100 range so I suppose you could probably get away with using a /25 instead.

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Hi, this video explains a free download that you can incorporate into your Access databases, or use stand-alone for contact management. Contacts -- Names, Addresses, Phone Numbers, eMail Addresses, Websites, Lists, Projects, Notes, Attachments…
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question