Internal DNS

[dsimpaired]

Trying to do something but not sure if it's even possible but humor me. I am running a test dns server for my lan and I want to block or redirect spyware sites that I have in a host file for windows clients. I have been putting the host file on lab machines and have had success in keeping spyware if installed from contacting home and helps keep it from being installed on newer machines. I want to go to a larger scale and implement this info across the board and thought I might be able to do it from internal DNS. Is there a way to incorporate my existing host file into a netware dns server that is functioning as a forwarding server? What I want to do is all of the sites in the host file be redirected to 127.0.0.1 but any other sites perform a valid lookup. Not sure if I have explained this plainly but it's a start.....

 

[marvhuffaker]

That's actually something that can be done fairly easily.

There were a couple threads a while back that go into pretty good detail... I found this one, but thought there was another somewhere.

http://www.tek-tips.com/viewthread.cfm?qid=862054

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting

http://www.redjuju.com

 

[dsimpaired]

That's the direction I want to go but I wanted to see if there is a way for the dns server to check it's own host file first before forwarding out. I have a custom host file with over 150 entries and was curious if there was a way to reference that instead of creating new entries for each item. I setup a linux dns and the machine actually referenced the host file but I couldn't get it to pass the info to the client. Nw65 dns works at the client but doesn't seem to recognize the host file. Even when I ping from the server console. I was hoping to have something I could just update from week to week in the form of a host file.

 

[dsimpaired]

Actually, is there a way to import the addresses from the host file into the dns???? Maybe a stupid question but I'm desperate...

 

[dsimpaired]

Got closer but wrong OS, found that you can change the order of dns source normally in a file called host.conf in linux. Does netware have an equivalent? order=bind,hosts

 

[ITsmyfault]

not sure how to play with the netware DNS the way you want to, but this job would be cake on your edge router (or core..) If you have access to it, you could impliment it a number of ways. The simplest is perhaps to create a null interface and then make static host routes sending anything to that IP into the 'bit bucket'. You could update this list and paste it into your router once a week or whatever. It won't eat CPU like ACL's will, and no one on your lan (or off of it..) will be able to beat it. Specific static routes always win.
JM2C

 

[dsimpaired]

We currently use a sonicwall for content filtering and firewall and I don't think it's complex enough for me to do that even if I knew how. I have the DNS servers working and I found an article which states that you can import dns info into a dns server if the file is formatted in bind format. Does anyone know of a tool or script that can take some kind of data and format it into bind or dns readable file. I think the entries just need to be a records.

 

[marvhuffaker]

I don't know exactly how Bind files are formatted. BUt I bet you could export your current DNS into a bind file, then look at it and model your list after it. Just a thought.

Marvin Huffaker MCNE, CNE
Marvin Huffaker Consulting

http://www.redjuju.com