How to wall garden the malicious domain
Blason R
blason16 at gmail.com
Thu Apr 19 05:37:30 UTC 2018
Hi,
I need to wall garden the malicious Domain request and instead route to
that server itself.
e.g. my DNS server IP is 192.168.5.47 and would like to wall-garden the
request and provide the IP 192.168.5.47 since I have 0.3 million domains
specifying IP in front of them would not be a good option.
Can you please suggest me the way to do that?
Here is my RPZ zone
$TTL 300
@ IN SOA localhost. need.to.know.only. (
1486847439 ; Serial number
60 ; Refresh every 1 minutes
60 ; Retry every minute
432000 ; Expire in 5 days
60 ) ; negative caching ttl 1 minute
IN NS localhost.
test.test.com. A 192.168.5.47
deteque.com IN CNAME rpz-passthru.
*.deteque.com IN CNAME rpz-passthru.
onion.link IN CNAME @ ; High risk tor gateways
*.onion.link IN CNAME @ ; High risk tor gateways
cisco.com CNAME rpz-drop.
*.malicioud.com A 192.168.5.47
*.badguy.com A 192.168.5.47
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180419/f1ffc0f5/attachment.html>
More information about the bind-users
mailing list