The problem with OpenDNS is that their filtering is for pron, and
similar listings. malwaredomains.com <http://www.malwaredomains.com>
lists domains known to be serving malware, and I don't see any similar
category on OpenDNS. I checked a few random domains from their lists and
OpenDNS didn't block them. That's too bad, because that would be an
ideal solution.

 

 

...Tim

 

From: Roger Wright [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 17, 2008 7:05 PM
To: NT System Admin Issues
Subject: RE: DNS Wildcard zones for malware protection

 

OpenDNS provides filtering by category now.  Could you perhaps integrate
that into your DNS strategy?

Roger Wright 
Network Administrator 
727.572.7076  x388 
____ 

Fisherman's Credo:  Fillet and Release. 
  
  
From: Tim Evans [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 17, 2008 7:40 PM 
To: NT System Admin Issues 
Subject: DNS Wildcard zones for malware protection 
  
I've been looking at www.malwaredomains.com
<http://www.malwaredomains.com> and thinking about
setting up a block list using their list of malicious domains. I'm
thinking about doing this by setting up a wildcard zone for each domain
on our DNS server. Right now, the list has almost 20,000 domains.  We're
running Windows 2003 domain & forest functional mode, with AD integrated
zones. Our DNS servers are for internal use only and are not publicly
accessible. Here is the batch file I'm planning to use:

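rem %server% must be set to the target DNS server before running
rem Download the current block list
wget http://www.malwaredomains.com/files/domains.txt
rem Keep the first field of each non-comment line
for /F "eol=# tokens=1" %%f in (domains.txt) do @echo %%f >>file.txt
rem Create an AD-integrated zone for each domain, replicated forest-wide
for /F %%f in (file.txt) do dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest
rem Add a wildcard A record in each zone pointing to loopback
for /F %%f in (file.txt) do dnscmd %server% /recordadd %%f * A 127.0.0.1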

  
Some questions: 
-Is there a more efficient way to block these domains (we also have ISA
2006)? 
-Is there a downside to having all that many domains on our DNS servers?
-Any other words of wisdom or warnings before I try this? 
  
Thanks. 
  
...Tim 
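
An added example, not part of the thread or anyone's posted code: a Python pre-processing step that validates and de-duplicates the list and drops any entry whose parent domain is also listed (the parent's wildcard zone already answers for it), then emits the dnscmd lines from the batch file above. It assumes the first whitespace-separated field of each non-comment line is the domain, as `tokens=1` does; the function names, the sample list and the extra `@` record are this example's additions.

```python
import re

# Constructed sample input (reserved TLDs, not real list data).
SAMPLE = """\
# constructed sample list
badsite.example
cdn.badsite.example
BADSITE.example
evil.test\tmalware\tconstructed
not_a_domain
-bad-.invalid
deep.a.evil.test
other.example.
"""

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def valid_domain(name):
    """Accept only plain multi-label hostnames; anything else is skipped."""
    labels = name.split(".")
    return (len(name) <= 253 and len(labels) >= 2
            and all(LABEL.fullmatch(label) for label in labels))

def parse_list(text):
    """Return the set of valid, lower-cased domains found in the list."""
    domains = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            name = fields[0].lower().rstrip(".")
            if valid_domain(name):
                domains.add(name)
    return domains

def collapse(domains):
    """Drop entries that have a listed ancestor (TLDs are never ancestors)."""
    def ancestors(d):
        labels = d.split(".")
        return (".".join(labels[i:]) for i in range(1, len(labels) - 1))
    return sorted(d for d in domains
                  if not any(a in domains for a in ancestors(d)))

def dnscmd_lines(domains, server="%server%"):
    """Emit the batch lines; '@' is added because '*' never matches the zone name itself."""
    out = []
    for d in domains:
        out.append(f"dnscmd {server} /zoneadd {d} /DsPrimary /DP /forest")
        out.append(f"dnscmd {server} /recordadd {d} * A 127.0.0.1")
        out.append(f"dnscmd {server} /recordadd {d} @ A 127.0.0.1")
    return out

if __name__ == "__main__":
    print("\n".join(dnscmd_lines(collapse(parse_list(SAMPLE)))))
```

Redirect the output to a .cmd file and review it before running it against the DNS server.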
  
  
  

 

 
