Windows 2003 Hosts file for whole domain

  • Thread starter Thread starter Tom Del Rosso
  • Start date Start date
T

Tom Del Rosso

Can a Windows 2003 DNS server have the equivalent of a hosts file for the
whole domain, without having to enter each lookup into DNS management?


--

Reply in group, but if emailing add another
zero, and remove the last word.
 
Tom Del Rosso wrote:
> Can a Windows 2003 DNS server have the equivalent of a hosts file for
> the whole domain, without having to enter each lookup into DNS
> management?

No, that's not how hosts files work. What's your goal?
 
Last edited by a moderator:
"Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in
message news:eRuXMKuyHHA.1168@TK2MSFTNGP02.phx.gbl
> Tom Del Rosso wrote:
>> Can a Windows 2003 DNS server have the equivalent of a hosts file for
>> the whole domain, without having to enter each lookup into DNS
>> management?
>
> No, that's not how hosts files work. What's your goal?

I know hosts files don't work like that, but I said "the equivalent of..."

The goal is just to block sites, which is commonly done with a hosts file.
Of course there are lots of ways to do it, but since it's easy to download a
hosts file with a long list of black sites, it would be convenient to use it
for a whole domain (even if it has to be reformatted first).


--

Reply in group, but if emailing add another
zero, and remove the last word.
 
Last edited by a moderator:
What I have done in the past when I had neither the 3rd party hardware nor
software apps to block sites was to create DNS zones on the DNS server, for
each site, without their ips thus essentially going nowhere. However i only
did this for a handful of sites i wanted blocked so I cannot comment on the
effects of a vast multitude of these empty sites in your DNS.

Hope this helps,
Coraleigh Miller


"Tom Del Rosso" wrote in message
news:eET2J0uyHHA.988@TK2MSFTNGP02.phx.gbl...
> "Lanwench [MVP - Exchange]"
> <lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in
> message news:eRuXMKuyHHA.1168@TK2MSFTNGP02.phx.gbl
>> Tom Del Rosso wrote:
>>> Can a Windows 2003 DNS server have the equivalent of a hosts file for
>>> the whole domain, without having to enter each lookup into DNS
>>> management?
>>
>> No, that's not how hosts files work. What's your goal?
>
> I know hosts files don't work like that, but I said "the equivalent of..."
>
> The goal is just to block sites, which is commonly done with a hosts file.
> Of course there are lots of ways to do it, but since it's easy to download
> a
> hosts file with a long list of black sites, it would be convenient to use
> it
> for a whole domain (even if it has to be reformatted first).
>
>
> --
>
> Reply in group, but if emailing add another
> zero, and remove the last word.
>
>
 
Last edited by a moderator:
I would suggest you just distribute the downloaded hosts file to all pcs via
logon script. This way resolution requests never hit the wire saving you
some bandwidth.
 
Tom Del Rosso wrote:
> "Lanwench [MVP - Exchange]"
> <lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in
> message news:eRuXMKuyHHA.1168@TK2MSFTNGP02.phx.gbl
>> Tom Del Rosso wrote:
>>> Can a Windows 2003 DNS server have the equivalent of a hosts file
>>> for the whole domain, without having to enter each lookup into DNS
>>> management?
>>
>> No, that's not how hosts files work. What's your goal?
>
> I know hosts files don't work like that, but I said "the equivalent
> of..."
>
> The goal is just to block sites, which is commonly done with a hosts
> file. Of course there are lots of ways to do it, but since it's easy
> to download a hosts file with a long list of black sites, it would be
> convenient to use it for a whole domain (even if it has to be
> reformatted first).

Gotcha. Unfortunately, short of manually creating the zones, all I could
think of is copying the file to each workstation on a regular basis. But
this would be unreliable, a pain to administer and I suspect you'd run into
a lot of AD problems (presuming you run AD) with a lengthy hosts file on
each workstation.

What you really need is a proxy server that can do filtering for you...I
just heard of a well-reviewed freebie, but unfortunately failed to bookmark
it. If I find the post that mentioned it, I'll come back w/the link. You
might also look at content filtering services such as SonicWALL/etc.
 
Last edited by a moderator:
Back
Top