?
Solved

I would like to create a DNS server

Posted on 2014-11-13
12
Medium Priority
?
200 Views
Last Modified: 2014-11-19
I would like to create my own DNS server for either a workgroup or Domain.  Is this possible to do on my own.  What is the simplest way to begin doing so?  Any direction would be appreciated.  Is there a third party tool that could help my make my own?
0
Comment
Question by:al4629740
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 40440760
What do you mean?  In a domain, Active Directory installation automatically installs the DNS server and configures it.

Can you elaborate on why you want to do this - DNS is used in a variety of places and for a variety of reasons - understanding your goals will make advising you easier.
0
 

Author Comment

by:al4629740
ID: 40440793
I would like to create a DNS server that blocks certain sites based on a blacklist. I don't want to use any public ones such as open DNS
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 664 total points
ID: 40440905
A hosts file will do the same thing on a local PC.

Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

The problem with this plan is to be effective (depending on what you block) it could be a full time job for dozens of people - which is why employing an existing service is usually a better option).
0
WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

 
LVL 6

Expert Comment

by:Asif Bacchus
ID: 40440982
What is your current setup?  Are you in a domain environment, just a workgroup, using a router, behind a linux/BSD firewall?  Or is this question more of a general knowledge type question?  If so, are you wondering about individual computers or a domain environment?

Regarding Lee's point, he is correct about the time involved if you are blocking many domains.  If you are looking to block a handful (like facebook or hotmail, etc.) then manual entries are feasible.  Otherwise, third party blacklists are a much faster approach.
0
 

Author Comment

by:al4629740
ID: 40441917
It's more of interest in implementing it for knowledge and to create my own for my clients to use.

Couldn't I just use published blacklists also?

I still would like some ideas on making my own dns server for web filtering
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 40442420
What ideas - already given instructions - to repeat:
Alternately, you can setup any DNS server and just add a site - to block www.xxx.com simply add xxx.com as a domain the DNS server knows about.  Lookups will find no reference to www and return page not found.  

You could script the addition of published blacklists into a DNS server.
0
 

Author Comment

by:al4629740
ID: 40443356
Creating a DNS server in Windows server is easy, but what about if I wanted to create a DNS server on the workstation?
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 40443693
Few if any professionals would do so, so now your asking a fringe question that, in m opinion, is unlikely to get you very many good and experienced responses.  Windows Server comes with a DNS server, so that is what I use - I wouldn't think of putting on one a workstation.  You could use something with linux, but that potentially gets more complicated.
0
 

Author Comment

by:al4629740
ID: 40443710
In the end my goal is to create a web content filter system of my own. I would imagine creating my own DNS server would be the first place to start.
0
 
LVL 6

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 1336 total points
ID: 40444008
I will preface this by saying that  setting up your own DNS server for what you trying to do is more trouble than it's worth, but the basics are not really that difficult.  Others have covered the Windows Server angle, so I'll address your workstation question.

I would go with a linux distro, as barebones as possible, to do this.  Take a look at Turnkey Linux (http://www.turnkeylinux.org/) as they have prebuilt barebones DNS VMs you can test out.  From there a good tutorial via google will get you going.  As a note, if you are setting up a DNS server, please do not expect a standard workstation NIC to do the job.  Invest in an Intel Server NIC for a few extra dollars.

HTH
0
 

Author Comment

by:al4629740
ID: 40444078
That is exactly what I was looking for.  Thank you.   Is Linux the best way to go?  What do most public DNS servers consist of.
0
 
LVL 6

Accepted Solution

by:
Asif Bacchus earned 1336 total points
ID: 40444089
Linux is a very secure way to go, as long as you keep the system updated.  I like TurnKey's VMs because they have an auto-update feature built in and are based on a STABLE distributions that are commercial grade.  Plus, they have a nice GUI management interface that is nice when you are learning.  

Most DNS servers are based on some flavour of *NIX or BSD.  BSD is a better choice since it's even more secure out of the box than linux (IMHO) but it is harder to work with and I don't know of many tutorials or pre-made VMs that you can experiment with.

For now, I'd suggest getting your feet wet with a simple linux distro and DNS system like the one at TurnKey.  It will be very reliable for you and do what you're looking for.

Cheers.
0

Featured Post

Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question