Is it possible to block resolution of a malware address?
Baird, Josh
jbaird at follett.com
Fri Apr 1 15:06:41 UTC 2011
We typically override malware-ish domains's by creating a zone on our
caching servers for them and create a wildcard similar to:
* IN A 127.0.0.1
That way, when clients try to resolve xyz.com, our caching/resolvers
return 127.0.0.1, not the real IP address.
Josh
-----Original Message-----
From: bind-users-bounces+jbaird=follett.com at lists.isc.org
[mailto:bind-users-bounces+jbaird=follett.com at lists.isc.org] On Behalf
Of Stewart Dean
Sent: Friday, April 01, 2011 10:22 AM
To: bind-users at lists.isc.org
Subject: Is it possible to block resolution of a malware address?
That is, if we know that a symbolic address is malign, is there some way
to
refuse to resolve it or change its resolution when an internal users
asks for
its resolution?
All my Google searching turns up DNSBLs and blocking incoming mail from
BLed
addresses, but this is another matter...
Thanks in advance...
--
====
Stewart Dean, Unix System Admin, Henderson Computer Resources
Center of Bard College, Annandale-on-Hudson, New York 12504
sdean at bard.edu voice: 845-758-7475, fax: 845-758-7035
_______________________________________________
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list