Is it possible to block website from DNS Level. Is it possible to create DNS server in windows server 2012?
I know you can do it pre-DNS pevel. Prior to DNS lookup, windows will check the hosts file for IP to domain mapping. You can set facebook.com to 192.168.1.1 and it will use that ip for facebook rather than looking it up in DNS, and thus blocking it. This would require modifying the host file on every machine you want to sensor though. Its a file in the system32 folder.
Related
I've got a single DNS entry which I want to map to an external IP address (the ip represent an active directory server running on amazon cloud). Unfortunately, the DNS server used in my organisation has different mapping and it send this URL to internal address (local network) and I don't have permissions to change it for all users.
So I've manually change this DNS entry in my local machine. However, every once in a while, it gets updated by the DNS server.
I tried disabling that updates with a Group Policy, but with no help.
Is there any way to permanently set this DNS mapping either locally (preferable) or in the DNS server for my machine only ?
Update your host file.
In windows:
c:\Windows\System32\drivers\etc\hosts
In Mac:
/etc/hosts
In Linux
/etc/hosts
Add your server there
123.123.123.123 domain.com
Your host file have precedence over the DNS query and is much faster.
I have installed xampp server on my windows 7.
I am connecting internet using HUAWEI Dongle.
I don't have any static IP address.i Want to access my php file from internet example I have connected to internet now I have dynamic IP address like 100.101.73.240 if some one enter 100.101.73.240/home.php in his browser address bar then my home.php page should open in his browser.
What should I do for this give me step by step guide.
Local Ip can't work over the internet. It's your intranet network. If you have dynamic internet IP, then you simply configure the Dynamic DNS service. Which you can configure your Internet Router with the following settings (provided by the Dynamic DNS service providers).
dyn.com
noip.com
dynu.com
many more.
Thanks
If you want to share IP with someone from your local area network:
Go to cmd, run ipconfig command, and find your local IP, which should be like 192.168.xxx.yyy. You can easily share it with no worries it will change each time you reset your network.
If it's someone from external network:
You have no power to share your external IP if you have dynamic one, it will change too often, but still it should work for a short connection sessions. To obtain a stable address you would have to register a domain
I'm setting up an iMAC in a store. They want to have the browser open to their website and restrict access so people can't use the computer to browse any other site. I see many discussions online but no actual code sample. Can you please write out the exact lines of code that I need to add to the hosts file and its location on a new iMAC with OS X.
You can achieve this by catching all web traffic and routing it to the IP address of the site you want to limit access to.
For example: If the website IP was 10.0.0.1
10.0.0.1 .com
10.0.0.1 .info
10.0.0.1 .org
(You can keep adding rows for each TLD (.com, .net etc) that you wish to block.
Any http requests sent from the machine would then try to resolve on that host.
This should prevent other websites from resolving but the one you require.
I have a piece of code where an external API needs to access my "www" folder for images. When I load the url, "http://localhost:8001/images/1.jpg" from the browser, it does show the image. But when I access it through the code it says, "connection refused". I have turned off the firewall as well. I also tried using the IP address instead of the "localhost".That doesn't work either. Please help.
Remember the domain name localhost has a special meaning. It always means this PC, or more accurately this network cards loopback address.
I cannot access your PC from here using the domain name localhost, as it will always be looped back to my PC.
If you want an external site to make a call to your PC then there are a number of things you will have to do.
Buy yourself an domain name, you either buy a real one or use a Dynamic DNS service like dyndns.com or or noip.com
Or you use your routers WAN ip address.
Then you must amend the httpd.conf file so that Apache allows access
from all ipaddress's
Then you must Port Forward your Router so the the NAT firewall allows
external accesses on port 80 to be forwarded to the internal PC
running Apache, and only that PC.
And possibly amend your software firewall on the Apache PC to allow access from external sources on port 80
I developed a client/server simulation application. I deployed client and server on two different Windows XP machines. Somehow, the client is not able to send requests to the server.
I tried below options:
Pinged server machine successfully from client using ip-address.
Pinged client machine successfully from server using ip-address.
Checked netstat command line tool from both machines. Server is in LISTENING mode and client is in SYS_SENT mode. But the foreign address it is using to send is host name not the ip address.
Pinged server machine unsuccessfully using host name from client.
Pinged client machine successfully using host name from server.
I feel the problem is when the client is trying to connect to the server using the host name.
Could you please let me know how to force an application to use an ip address instead of a host name? Is there any other way to map the host name to an ip address?
Go to your client machine and type in:
nslookup server.company.com
substituting the real host name of your server for server.company.com, of course.
That should tell you which DNS server your client is using (if any) and what it thinks the problem is with the name.
To force an application to use an IP address, generally you just configure it to use the IP address instead of a host name. If the host name is hard-coded, or the application insists on using a host name in preference to an IP address (as one of your other comments seems to indicate), then you're probably out of luck there.
However, you can change the way that most machine resolve the host names, such as with /etc/resolv.conf and /etc/hosts on UNIXy systems and a local hosts file on Windows-y systems.
Try tracert to resolve the hostname. IE you have Ip address 8.8.8.8 so you would use; tracert 8.8.8.8
You could use a C function getaddrinfo() to get the numerical address - both ipv4 and ipv6.
See the example code here
This is hard to answer without more detail about the network architecture. Some things to investigate are:
Is it possible that client and/or server is behind a NAT device, a firewall, or similar?
Is any of the IP addresses involved a "local" address, like 192.168.x.y or 10.x.y.z?
What are the host names, are they "real" DNS:able names or something more local and/or Windows-specific?
How does the client look up the server? There must be a place in code or config data that holds the host name, simply try using the IP there instead if you want to avoid the lookup.
Windows XP has the Windows Firewall which can interfere with network traffic if not configured properly. You can turn off the Windows Firewall, if you have administrator privileges, by accessing the Windows Firewall applet through the Control Panel. If your application works with the Windows Firewall turned off then the problem is probably due to the settings of the firewall.
We have an application which runs on multiple PCs communicating using UDP/IP and we have been doing experiments so that the application can run on a PC with a user who does not have administrator privileges. In order for our application to communicate between multiple PCs we have had to use an administrator account to modify the Windows Firewall settings.
In our application, one PC is designated as the server and the others are clients in a server/client group and there may be several groups on the same subnet.
The first change was to use the functionality of the Exceptions tab of the Windows Firewall applet to create an exception for the port that we use for communication.
We are using host name lookup so that the clients can locate their assigned server by using the computer name which is composed of a mnemonic prefix with a dash followed by an assigned terminal number (for instance SERVER100-1). This allows several servers with their assigned clients to coexist on the same subnet. The client uses its prefix to generate the computer name for the assigned server and to then use host name lookup to discover the IP address of the assigned server.
What we found is that the host name lookup using the computer name (assigned through the Computer Name tab of the System Properties dialog) would not work unless the server PC's Windows Firewall had the File and Printer Sharing Service port enabled.
So we had to make two changes: (1) setup an exception for the port we used for communication and (2) enable File and Printer Service in the Exceptions tab to allow for the host name lookup.
** EDIT **
You may also find this Microsoft Knowledge Base article on helpful on Windows XP networking.
And see this article on NETBIOS name resolution in Windows.