Block a single domain through DNS on windows server 2003/2008/2012

We just got a phishing attempt and I felt really bad that I could not stop people from accessing a domain. Isn’t there a way to override a domain in our DNS just for a while so I can stop people from accessing a domain?

Yes, you could create a zone for that domain. No need to create any records, unless you want to point them to a webserver explaining why they are there. Having a DNS zone will make you authoritative for it. When people click on the phishing links, their computers will try to resolve the name with your DNS, and of course, will not be able to access the malware site.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: