How to wall garden the malicious domain
Grant Taylor
gtaylor at tnetconsulting.net
Thu Apr 19 18:57:18 UTC 2018
On 04/18/2018 11:37 PM, Blason R wrote:
> I need to wall garden the malicious Domain request and instead route to
> that server itself.
I assume that you are saying that you need to 1) filter malicious
domains and 2) you want requests for them to be resolved to your (DNS?)
server.
> e.g. my DNS server IP is 192.168.5.47 and would like to wall-garden the
> request and provide the IP 192.168.5.47 since I have 0.3 million domains
> specifying IP in front of them would not be a good option.
What do you mean by "specifying IP in front of them would not be a good
option"? Are you saying that you don't want to have "$domain A
192.168.5.47" entries for all 300k domains?
Without doing anything, BIND will resolve the domains normally. So you
will need to do something to each of the domains to cause the RPZ to not
resolve the domains normally. This usually means that you will need to
specify an alternate IP or CNAME for each and every one of them. I
don't see a way around this.
> Can you please suggest me the way to do that?
Please elaborate on what you are wanting to do and not do.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180419/8ef3d405/attachment.bin>
More information about the bind-users
mailing list