Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, April 10, 2018 4:33 AM
Dear all,
I got request form IT Security team to block DNS query malware in DNS Service.
They guide me with follow this link.
/en-us/windows-server/networking/dns/deploy/apply-filters-on-dns-queries%C2%A0
Unfortunately, this PowerShell command works only Windows server 2016.
Could you please advise how to do it on Windows server 2012R2?
And If we follow this command will be affect to dns service or not?
The address want to block:
1- checkip.dyndns.org
Please kindly advise. thank you!
Best Regards,
Chinda Sam.
Best Regards, Chinda Sam
All replies (6)
Tuesday, April 10, 2018 7:58 AM
Hi,
There are some similar issue with you, please refer to it.
https://serverfault.com/questions/513777/prevent-dns-responses-for-specific-domain-completely
Please note what Universal4 said
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Best Regards,
Frank
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Thursday, April 12, 2018 1:57 AM
Hi,
Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.
Best Regards,
Frank
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Tuesday, April 17, 2018 8:30 AM
Hi,
Was your issue resolved?
If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
If no, please reply and tell us the current situation in order to provide further help.
Best Regards,
Frank
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Friday, April 20, 2018 3:25 AM
Dear Frank,
I am trying to block those domain from query by Create Forward lookup zone for those domain on DNS server. I am not sure if this is the good solutions but I can't find other solution yet.
Best regards,
Chinda sam.
Best Regards, Chinda Sam
Friday, April 20, 2018 6:06 AM
Hi,
As far as filtering queries for specific domains I think the only Microsoft OS that will do that is Server 2016 with the new DNS query policy.
Like others have said in the thread, if it is a recursive for an internal network or specific clients, block all access to port 53 except those IPs you want to allow.
Or you could migrate your dns server to the VM which is WS2016 hosted in the WS2012R2.
Best Regards,
Frank
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Tuesday, April 24, 2018 8:53 AM
Hi,
Just check the situation about your issue.
Best Regards,
Frank
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]