SBS 2011 DNS Issues

We have a Small Business Server 2011 implementation with 8 PCs. All of our users could not get on sites like fedex.com or ups.com. Most other sites were fine, but when we browse to UPS or FedEx, it redirects to an obviously spoofed Google page with spammy ads. I changed the default DNS settings at the client to point to Google's 8.8.8.8 DNS server and that seemed to fix the problem at the client, but I am worried about the server.

I ran virus scans on the client and server and did not find any viruses. SBS 2011 is the DNS server for the network, so I am concerned that something is wrong there. What steps can I take to fix the DNS settings on the server?
dtervo Asked:

BelushiLomax Commented:
First off, don't point a DC to a public DNS server. It opens you to DNS exploits which you may have.

Clean that up to where it only points to your ISP or another inter Non-AD Integrated DNS server and restart the DNS services and ipconfig /flushdns. Then consider a tool like HijackThis to get some insight to your BHOs etc. Also, check your hosts file and make sure it's ok.

Run a dcdiag /c /v /f:dcdiag.txt and search for and copy/paste the Error and Warning items.

Cliff Galiher Commented:
I suspect your server is fine, but you have some DNS poisoning going on.

First things first. Client PCs should *always* only point at AD domain controllers for DNS. Otherwise things like security memberships and group policies will begin to fail. So undo the changes you made. If SBS is your only server then it should be the only DNS listing on the client (SBS's DHCP scopes set this up by default, so if you changed from DHCP to manual, simply switch back.)

Secondly, on the SBS server, open the DNS Server snap-in (under Administrative Tools) and set up DNS forwarders. Use known "trusted" servers. Google DNS is not a bad choice, nor is OpenDNS. This is where I suspect the problem came from. You likely have ISP DNS servers now, and not all ISPs are good about protecting from poisoning.

Finally, flush the server's DNS cache once you've made the change and retest a known "bad" site from a client machine. If the problem appears resolved then your server was not the issue, but your DNS forwarders (ISP, etc.) were and you've taken them out of the loop.

Good luck.

-Cliff
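
A way to script the retest from the last step of the answer above, as an added example that is not part of the original thread: it asks the SBS server and 8.8.8.8 (the public resolver named in the thread) for the same A records and compares the answers. The server address passed as the first argument and all function names are assumptions of this example; run it from a client on the LAN.

```python
import secrets, socket, struct, sys

def build_query(name, txid):
    """DNS query for one A record, recursion desired (flags 0x0100)."""
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)

def skip_name(msg, off):  # offset just past a name, honouring compression pointers
    while msg[off] & 0xC0 != 0xC0 and msg[off] != 0:
        off += 1 + msg[off]
    return off + (2 if msg[off] & 0xC0 == 0xC0 else 1)

def parse_a_records(msg, txid):
    """Return the set of IPv4 addresses found in the answer section."""
    rid, _flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    if rid != txid:
        raise ValueError("transaction ID mismatch")
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4            # skip QTYPE + QCLASS
    addrs = set()
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):  # IN A; CNAMEs etc. are skipped
            addrs.add(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def resolve(server, name, timeout=3.0):
    txid = secrets.randbits(16)                  # unpredictable ID per query
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid), (server, 53))
        return parse_a_records(s.recvfrom(4096)[0], txid)

def verdict(local, reference):  # "disjoint" = check by hand; CDNs vary per resolver
    if not (local and reference):
        return "no-answer"
    return "overlap" if local & reference else "disjoint"

# Constructed sample response (example.com -> 192.0.2.10), not captured traffic.
SAMPLE = (struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + build_query("example.com", 0)[12:]
          + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + socket.inet_aton("192.0.2.10"))

if __name__ == "__main__":  # usage: script.py <SBS server IP> [name ...]
    for n in sys.argv[2:] or ["fedex.com", "ups.com"]:
        a, b = resolve(sys.argv[1], n), resolve("8.8.8.8", n)
        print(n, verdict(a, b), sorted(a), sorted(b))
```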

Geodash Commented:
What are your DNS forwarders pointed to?