RPZ configuration examples
babu dheen
babudheen at yahoo.co.in
Mon Nov 21 13:57:17 UTC 2011
Wonderful update. Really thanks for the details provided. Can you give me additional details as below
I gone through link http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/ and got to know that we need to configure one common zone to redirect all malware domain lookup to walled garden IP address and also we need to configure 'response-policy' in /etc/named.conf file.
1. How frequently DNS server will download the malware domain database
2. From where DNS server downloads the malware domains .. is it from SURBL webiste?
3. How to whitelist list of official/customer domains from RPZ query so that in case customer domain is listed in RPZ , business will not be affected?
Regards
Babu
--- On Sun, 20/11/11, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
From: Stephane Bortzmeyer <bortzmeyer at nic.fr>
Subject: Re: RPZ configuration examples
To: "Issam Harrathi" <issamneo at gmail.com>
Cc: "babu dheen" <babudheen at yahoo.co.in>, bind-users at lists.isc.org
Date: Sunday, 20 November, 2011, 8:02 PM
On Sat, Nov 19, 2011 at 03:24:14PM +0100,
Issam Harrathi <issamneo at gmail.com> wrote
a message of 139 lines which said:
> this is an example:
If the OP reads french, I suggest that
<http://www.bortzmeyer.org/rpz-faire-mentir-resolveur-dns.html> is
much more detailed.
If, however, he prefers english, I would point him towards
<http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/>.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20111121/e62eed60/attachment.html>
More information about the bind-users
mailing list