ThreatSTOP BIND DNS Firewall Available
Joe Dahlquist
jdahlquist at threatstop.com
Fri Oct 7 20:37:07 UTC 2016
Hi John,
Thanks for the feedback! I'm Joe, Product Mgr here at ThreatSTOP.
You are correct in that the quick start guide is not BIND specific, nor is
it really device specific at all and touches more on helping a new user
understand elements of our service such as building a custom policy,
creating a user-defined list of IPs or domains to block or allow, and how to
work with our web based event log reporting. ThreatSTOP is compatible with
firewalls, routers, switches, load balancers, and DNS servers (esp. BIND!).
Thanks for posting the link to our config documentation for BIND, that
should be more familiar to the group here.
Zone transferring a blacklist is the core of what our service does for BIND,
on top of that we curate and maintain the contents of what that zone can
contain by aggregating a pretty comprehensive amount of reputational data on
domains and IPs into threat-type categories. Once a policy is defined by a
user the RPZ axfr can happen, and then automatically update contents of the
zone (fresh reputational data) at an interval the user determines best for
them.
Re: logging, the BIND instance will upload logs to our backend securely. The
http links you posted for "checkIP", "checklogs" and "sinkhole" are public
facing tools we make available for anyone to do their own mini security
assessments, and aren't the facilities used for people who run our service
on their device(s). We are moving our brand website to https soon, but
everything behind our portal that should be more secure is already https
with multi-factor auth.
Many thanks,
Joe
--
View this message in context: http://bind-users-forum.2342410.n4.nabble.com/ThreatSTOP-BIND-DNS-Firewall-Available-tp3027p3041.html
Sent from the Bind-Users forum mailing list archive at Nabble.com.
More information about the bind-users
mailing list