
viewing dns server cache 2

Status
Not open for further replies.

grnfvr

MIS
Dec 21, 2000
111
US
I know how to view the cached DNS records on the client. How do you view the DNS records cached by the DNS server itself? The same way? ipconfig /displaydns? I wouldn't think so, because then you would actually be viewing the client DNS cache on the server, right?
 
Open DNS from Administrative Tools, expand your server and there should be a folder there for Cached Lookups. If you don't see it, enable the Advanced view by clicking on View -> Advanced.
Marc Creviere
 
Did what you said, and it's great. Only problem is I see some of my users have been naughty. Can I manually delete a single cache entry, or is it better to flush DNS and let the table rebuild?
Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"Accident is the name of the greatest of all inventors."
Mark Twain (1835-1910), U.S. author.
 
Yeah, you should be able to right-click and delete items in there.
Marc Creviere
 
Better yet, you can use the info from the cache to create your own DNS entries for the sites your "naughty" users frequent. If you do that, they won't be able to go back there unless they enter the actual IP address in the browser! E.g., if you want to block users from going to xxx.com, you can create a DNS entry for xxx.com, and don't bother to fill in the IP address. Once you delete the entry from the cache, future DNS queries for xxx.com will return an invalid IP address to the client, and users will get an error message.

Joe
 
Great idea, jpeachman, but that will only work if the user keeps repeatedly trying to go to the site, because otherwise the record will be discarded and then the DNS server will go out and get the correct DNS record from the authoritative DNS server for that domain.
 
Actually, no. What I've done is add a new zone for each site or domain I want to block. While the only real domain for which our server is authoritative is our own, when I add other zones (which aren't properly ours) to our DNS server, it happily sends users to nowhere indefinitely for those sites. Unlike a cache entry, which has a time-to-live and is then discarded if not refreshed (and which I don't think you can edit anyway), these records are permanent. I actually have this in practice at a public school where I'm network admin, and it works fine!

Joe
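
Joe's zone-per-domain block, together with the cache flush discussed earlier in the thread, as an added example that is not part of the original posts. It assumes Windows Server 2012 or later with the DnsServer PowerShell module, run in an elevated session on the DNS server itself; the domain names are constructed placeholders.

```powershell
#Requires -Modules DnsServer
# Added example (not from the thread): make the local DNS server authoritative
# for each blocked domain so it answers locally instead of recursing.

# Constructed sample list; replace with the domains you intend to block.
$BlockedDomains = @('blocked-site.example', 'another-blocked.example')

foreach ($domain in $BlockedDomains) {
    # Skip zones that already exist so the script can be re-run safely.
    if (Get-DnsServerZone -Name $domain -ErrorAction SilentlyContinue) {
        Write-Host "Zone already present: $domain"
        continue
    }
    # File-backed primary zone with no host records: the server now owns the
    # name and answers "no such host" for anything under it. Unlike a cache
    # entry, the zone has no time-to-live and stays until it is removed.
    Add-DnsServerPrimaryZone -Name $domain -ZoneFile "$domain.dns"
    Write-Host "Created empty primary zone: $domain"
}

# Answers already sitting in the server cache stay there until their TTL
# expires, so flush the cache once the zones are in place.
Clear-DnsServerCache -Force

# Verify against the local server: a blocked name must return no answer records.
foreach ($domain in $BlockedDomains) {
    $result = Resolve-DnsName -Name "www.$domain" -Server 127.0.0.1 -Type A `
        -DnsOnly -ErrorAction SilentlyContinue
    $answers = $result | Where-Object { $_.Section -eq 'Answer' }
    if ($answers) {
        Write-Warning "Still resolving: www.$domain"
    } else {
        Write-Host "Blocked: www.$domain"
    }
}
```

Clients keep their own resolver cache, so a workstation that looked the name up recently can still reach it until that entry expires or `ipconfig /flushdns` is run there.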
 
Thanks, that makes much more sense. Just be sure your boss doesn't think you're hosting those XXX sites, lol.
 