Do you run all (most?) of these lists on your server? Does it have much
impact on performance? MS implies on their Best Practices page that
there can be a performance hit using domain and URL sets.

...Tim

From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin
Sent: Tuesday, March 18, 2008 4:20 AM
To: NT System Admin Issues
Subject: RE: DNS Wildcard zones for malware protection

Yeah, you can do it in ISA. I have some zipped block lists at
www.isaserver.bm

S

From: Tim Evans [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 17, 2008 8:40 PM
To: NT System Admin Issues
Subject: DNS Wildcard zones for malware protection

I've been looking at www.malwaredomains.com and thinking about setting
up a block list using their list of malicious domains. I'm thinking
about doing this by setting up a wildcard zone for each domain on our
DNS server. Right now, the list has almost 20,000 domains.  We're
running Windows 2003 domain & forest functional mode, with AD integrated
zones. Our DNS servers are for internal use only and are not publicly
accessible. Here is the batch file I'm planning to use:

wget http://www.malwaredomains.com/files/domains.txt

for /F "eol=# tokens=1 " %%f in (domains.txt) do @echo %%f >>file.txt

for /F %%f in (file.txt) do dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest

for /F %%f in (file.txt) do dnscmd %server% /recordadd %%f * A 127.0.0.1

Some questions:

-Is there a more efficient way to block these domains (we also have ISA
2006)?

-Is there a downside to having all that many domains on our DNS servers?

-Any other words of wisdom or warnings before I try this?

Thanks.

...Tim
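
An added example, not part of the original thread: the batch file above turns every line of a list fetched over plain HTTP into a forest-replicated zone, so this PowerShell script vets each entry first and only prints the dnscmd lines for review instead of running them. The function name, server name, protected-zone list and sample entries are assumptions constructed for illustration.

```powershell
# Added example; names and sample data are assumptions, not from the thread.
$Server    = 'dns01'                      # hypothetical DNS server name
$Protected = @('corp.example.com')        # zones that must never be sinkholed (assumed)

function Select-BlockDomain {
    param([string[]]$Lines, [string[]]$Protected)
    # One DNS label: letters, digits, inner hyphens, at most 63 characters
    $label = '[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
    $fqdn  = '^(' + $label + '\.)+' + $label + '$'   # at least two labels
    $seen  = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*(#|$)') { continue }   # comments and blank lines
        # First whitespace-delimited token, like "tokens=1" in the batch file
        $name = ($line.Trim() -split '\s+')[0].ToLower().TrimEnd('.')
        # Hostname syntax only: rejects wildcards, bare TLDs, IPs, shell characters
        if ($name.Length -gt 253 -or $name -notmatch $fqdn -or $name -match '^[0-9.]+$') {
            Write-Warning "rejected, not a hostname: $name"
            continue
        }
        # Refuse an entry that equals, sits inside, or is a parent of a protected zone
        $clash = $Protected | Where-Object {
            $name -eq $_ -or $name.EndsWith(".$_") -or $_.EndsWith(".$name")
        }
        if ($clash) {
            Write-Warning "rejected, overlaps a protected zone: $name"
            continue
        }
        # Emit each accepted name once
        if (-not $seen.ContainsKey($name)) { $seen[$name] = $true; $name }
    }
}

# Constructed sample lines, not real list content
$sample = @(
    '# comment line',
    "`tbad-one.example.net`tmalware",
    'BAD-ONE.example.net',
    'login.corp.example.com',
    'example.com',
    'com',
    '*.wild.example.net',
    'a&b.example.net'
)

# Print the commands for review; nothing is executed against the DNS server here
foreach ($d in (Select-BlockDomain -Lines $sample -Protected $Protected)) {
    "dnscmd $Server /zoneadd $d /DsPrimary /DP /forest"
    "dnscmd $Server /recordadd $d * A 127.0.0.1"
}
```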