Solved

Ad-blocking DNS server on Windows Server

Posted on 2013-11-07
4
1,034 Views
Last Modified: 2013-11-17
In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains

I have a client who wants a similar thing configured on their business network, but they have two servers - one is running SBS 2003 and the other is running Server 2008. They do not want Linux.

Is there any similar method for configuring a Windows DNS server to perform ad blocking?
0
Comment
Question by:Frosty555
4 Comments
 
LVL 12

Expert Comment

by:piattnd
ID: 39630657
Found this blog entry regarding BIND on windows.  Check it out.

http://alex.charrett.com/bind-on-windows
0
 
LVL 24

Accepted Solution

by:
Mike Thomas earned 500 total points
ID: 39630767
Or use somthing like open DNS maybe?
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 39634218
In the past, I have implemented for myself a local DNS server running Ubuntu and BIND which would block advertisements. Basically the local DNS server had a big zone file which blocked all of the major advertisement domains
How did you accomplish this? Did you create lookup zones for each domain and then create a wildcard host record inside each zone pointing to 127.0.0.1 or something like that, or did you go about it in a totally different way? If you can provide some details, we may be able to tell you how to do the same thing in Windows.
0
 
LVL 31

Author Comment

by:Frosty555
ID: 39649594
DrDave - basically, I had an Ubuntu server with Webmin and BIND installed.  A perl script automatically generates a zone file, /etc/bind/named.conf.adblock, which looks like this:

zone "101com.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "101order.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "103bees.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123found.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "123pagerank.com" { type master; notify no; file "/etc/bind/null.zone"; };
zone "180hits.de" { type master; notify no; file "/etc/bind/null.zone"; };
.... etc

Open in new window


And the /etc/bind/null.zone zone file looks like this:

; point IPs at local webserver that serves up a "this page was blocked" message

; BIND db file for ad servers - point all addresses to an invalid IP
$TTL    864000  ; ten days

@       IN      SOA     ns0.example.net.      hostmaster.example.net. (
                        2008032800       ; serial number YYMMDDNN
                        288000   ; refresh  80 hours
                        72000    ; retry    20 hours
                        8640000  ; expire  100 days
                        864000 ) ; min ttl  10 day
                NS      ns0.example.net.

                A       192.168.1.222

*               IN      A       192.168.1.222

Open in new window


I have a webserver running on 192.168.1.222, with an appropriately configured Apache webserver that will respond to all possible queries with a very small text file that says "This advertisement was blocked".

The end result is that advertisements graphics become a white "invalid" image box, and advertisement iframes and div tags become a "This advertisement was blocked" textual message.

I would prefer not to try and implement BIND on Windows. I want to use the Microsoft DNS Server so that it works with Active Directory.

I supposed I could just set up a little Ubuntu box to run BIND and Apache, and just set up the MS DNS forwarding to use it.... but I was hoping to get away from Linux entirely for this particular implementation.

OpenDNS is one possible option I suppose.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now