Frosty555
asked on
Ad-blocking DNS server on Windows Server
In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains.
I have a client who wants a similar thing configured on their business network, but they have two servers - one is running SBS 2003 and the other is running Server 2008. They do not want Linux.
Is there any similar method for configuring a Windows DNS server to perform ad blocking?
"In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains"
How did you accomplish this? Did you create lookup zones for each domain and then create a wildcard host record inside each zone pointing to 127.0.0.1 or something like that, or did you go about it in a totally different way? If you can provide some details, we may be able to tell you how to do the same thing in Windows.
ASKER
DrDave - basically, I had an Ubuntu server with Webmin and BIND installed. A Perl script automatically generates a zone file, /etc/bind/named.conf.adblock, which looks like this:
zone "101com.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "101order.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "103bees.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123found.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123pagerank.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "180hits.de" { type master; notify no; file "/etc/bind/null.zone"; };
.... etc
And the /etc/bind/null.zone zone file looks like this:
; point IPs at local webserver that serves up a "this page was blocked" message
; BIND db file for ad servers - point all addresses to an invalid IP
$TTL 864000 ; ten days
@       IN      SOA     ns0.example.net. hostmaster.example.net. (
                        2008032800      ; serial number YYYYMMDDNN
                        288000          ; refresh 80 hours
                        72000           ; retry 20 hours
                        8640000         ; expire 100 days
                        864000 )        ; min ttl 10 days
                NS      ns0.example.net.
                A       192.168.1.222
*       IN      A       192.168.1.222
I have a webserver running on 192.168.1.222, with an appropriately configured Apache webserver that will respond to all possible queries with a very small text file that says "This advertisement was blocked".
The end result is that advertisement graphics become a white "invalid" image box, and advertisement iframes and div tags become a "This advertisement was blocked" textual message.
I would prefer not to try and implement BIND on Windows. I want to use the Microsoft DNS Server so that it works with Active Directory.
I suppose I could just set up a little Ubuntu box to run BIND and Apache, and just set up the MS DNS forwarding to use it... but I was hoping to get away from Linux entirely for this particular implementation.
OpenDNS is one possible option I suppose.
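A sketch of the generator step described in the post above, added here as an example and not the asker's Perl script: it validates blocklist entries before they are written into named.conf, drops names already covered by a parent zone's wildcard, and emits the same zone stanzas. The `dnscmd` output assumes the per-domain zone with an apex and wildcard host record that DrDave's reply asks about; the function names and sample list are hypothetical.

```python
import re

# Blocklist lines are untrusted text that ends up inside named.conf, so
# accept strict letter-digit-hyphen labels only and reject everything else.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def clean_domains(lines):
    """Normalise, validate and de-duplicate blocklist entries."""
    seen = set()
    for raw in lines:
        name = raw.split("#", 1)[0].strip().rstrip(".").lower()
        labels = name.split(".")
        if len(labels) >= 2 and len(name) <= 253 and all(
                LABEL.fullmatch(label) for label in labels):
            seen.add(name)

    # null.zone has a wildcard record, so a zone for 101com.com already
    # answers for ads.101com.com; drop names whose parent is also listed.
    def covered(name):
        parts = name.split(".")
        return any(".".join(parts[i:]) in seen
                   for i in range(1, len(parts) - 1))

    return sorted(n for n in seen if not covered(n))

def bind_stanzas(domains, zone_file="/etc/bind/null.zone"):
    """One zone stanza per domain, in the format shown in the post."""
    return "".join(
        f'zone "{d}" {{ type master; notify no; file "{zone_file}"; }};\n'
        for d in domains)

def dnscmd_lines(domains, sinkhole="192.168.1.222"):
    """Assumed Windows equivalent: a primary zone per domain holding an
    apex and a wildcard A record (commands are emitted, not executed)."""
    out = []
    for d in domains:
        out += [f"dnscmd /ZoneAdd {d} /Primary /file {d}.dns",
                f"dnscmd /RecordAdd {d} @ A {sinkhole}",
                f"dnscmd /RecordAdd {d} * A {sinkhole}"]
    return out

# Constructed sample input, not a real blocklist.
SAMPLE = ["101com.com", "ADS.101com.com.", "103bees.com  # comment",
          'bad.example"; };', "-bad.example", "", "103bees.com"]

if __name__ == "__main__":
    domains = clean_domains(SAMPLE)
    print(bind_stanzas(domains), end="")
    print("\n".join(dnscmd_lines(domains)))
```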
http://alex.charrett.com/bind-on-windows