Restrict web usage via DNS?

By soatone ·
Is there a way to restrict which websites a user or users can access on the DNS server? Essentially, what we want to do is allow access to specific web sites while denying access to others. My knowledge of DNS servers is fairly limited so please excuse me if what I am about to say is incorrect. I think that the only to restrict websites on the DNS server is to create a static zone on the server and only add the entries we want. However, we also want to accept updates from a third party DNS server, which would imply a dynamic zone.

I know this can be easily done using a web filter, but my company does not have the money or desire to pursue such a solution. Also, the DNS server will NOT be a Microsoft DNS server. At this point we?re not sure what we want to use. We?re looking at either an AS/400 DNS or some kind of Linux derivative. We?ve actually talked about just installing BIND 9 on a workstation. A recommendation would be appreciated.

I welcome your thoughts.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Endian Firewall

by pc21geek In reply to Restrict web usage via DN ...

I use a product that is called Endian Firewall
It is very robust and scaleable. It installs on an older pc with no problems. I use it at home to keep my teenage boys off " those sites ". Its open source and very easy to manage, configure and install.
It has alot of functionality to it as well ( vpn, content filtering, proxy server, etc).

I hope this helps you.


Collapse -

Web proxy

by Toivo Talikka In reply to Restrict web usage via DN ...

The requirements you describe can be fulfilled by installing a web proxy product like Squid, see Squid is usually part of Linux distributions like Fefora. A few years ago I gave a second life to an obsolete PC by installing RedHat 9 with Squid for 100+ users.

In Squid you can allow access to a list of sites, or block access to sites, for example all sites with the word 'mail' in the domain name. You can limit browsing to certain hours, or allow browsing during lunch and after hours. The management interface collects lots of useful data.

A number of open source web appliances and firewall implementations use Squid.

Back to Networks Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums