DNS Security Question
Michael Kondrashin
mkondrashin at hotmail.com
Tue Sep 21 08:26:05 UTC 1999
In article <0PxF3.6672$Pt1.3825 at wormhole.dimensional.com>,
davef at flatland.dimensional.com says...
> This may be a silly question, but is there anyway to stop a nameserver
> from resolving certain domains? For example... many users in my company
> are hitting sextracker.com and sexhound.com etc., and I'm wondering if
> there is any possible way to make our DNS server ignore requests for these
> domains.
I suppose that DNS has nothin to do with such problem.
ofcourse you _can_ use BIND to disable accessing some sites by DNS names, but
this is not best solution for your problem. You want to diable _Web_ access to
some sites, so you shoud use application level filter - HTTP proxy.
You can use squid - it supports ACL's, or buy some software intended to
perform such filtering and contains 'bad' sites list, like TrendMicro's InterScan
WebManager.
It filters viruses too. (http://www.antivirus.com)
More information about the bind-users
mailing list