Link to home
Start Free TrialLog in
Avatar of Frosty555
Frosty555Flag for Canada

asked on

Ad-blocking DNS server on Windows Server

In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains

I have a client who wants a similar thing configured on their business network, but they have two servers - one is running SBS 2003 and the other is running Server 2008. They do not want Linux.

Is there any similar method for configuring a Windows DNS server to perform ad blocking?
Avatar of piattnd
piattnd

Found this blog entry regarding BIND on windows.  Check it out.

http://alex.charrett.com/bind-on-windows
ASKER CERTIFIED SOLUTION
Avatar of Mike Thomas
Mike Thomas
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DrDave242
In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains
How did you accomplish this? Did you create lookup zones for each domain and then create a wildcard host record inside each zone pointing to 127.0.0.1 or something like that, or did you go about it in a totally different way? If you can provide some details, we may be able to tell you how to do the same thing in Windows.
Avatar of Frosty555

ASKER

DrDave - basically, I had an Ubuntu server with Webmin and BIND installed.  A perl script automatically generates a zone file, /etc/bind/named.conf.adblock, which looks like this:

zone "101com.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "101order.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "103bees.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123found.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123pagerank.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "180hits.de" { type master; notify no; file "/etc/bind/null.zone"; };
.... etc

Open in new window


And the /etc/bind/null.zone zone file looks like this:

; point IPs at local webserver that serves up a "this page was blocked" message

; BIND db file for ad servers - point all addresses to an invalid IP
$TTL    864000  ; ten days

@       IN      SOA     ns0.example.net.      hostmaster.example.net. (
                        2008032800       ; serial number YYMMDDNN
                        288000   ; refresh  80 hours
                        72000    ; retry    20 hours
                        8640000  ; expire  100 days
                        864000 ) ; min ttl  10 day
                NS      ns0.example.net.

                A       192.168.1.222

*               IN      A       192.168.1.222

Open in new window


I have a webserver running on 192.168.1.222, with an appropriately configured Apache webserver that will respond to all possible queries with a very small text file that says "This advertisement was blocked".

The end result is that advertisements graphics become a white "invalid" image box, and advertisement iframes and div tags become a "This advertisement was blocked" textual message.

I would prefer not to try and implement BIND on Windows. I want to use the Microsoft DNS Server so that it works with Active Directory.

I supposed I could just set up a little Ubuntu box to run BIND and Apache, and just set up the MS DNS forwarding to use it.... but I was hoping to get away from Linux entirely for this particular implementation.

OpenDNS is one possible option I suppose.