Only if you spell it right: "pr0n". That's a zero, not an "oh" - but that's the face you'll show.
On Tue, Mar 18, 2008 at 6:23 PM, Tom Strader <[EMAIL PROTECTED]> wrote: > *PRON? Is that a new form of PORN?? WooHoo!!* > > ------------------------------ > *From:* Tim Evans [mailto:[EMAIL PROTECTED] > *Sent:* Tuesday, March 18, 2008 9:55 AM > *To:* NT System Admin Issues > *Subject:* RE: DNS Wildcard zones for malware protection > > The problem with Openness is that their filtering is for pron, and > similar listings. malwaredomains.com <http://www.malwaredomains.com/>lists > domains known to be serving malware, and I don't see any similar > category on OpenDNS. I checked a few random domains from their lists and > OpenDNS didn't block them. That's too bad, because that would be an ideal > solution. > > > > > > …Tim > > > > *From:* Roger Wright [mailto:[EMAIL PROTECTED] > *Sent:* Monday, March 17, 2008 7:05 PM > *To:* NT System Admin Issues > *Subject:* RE: DNS Wildcard zones for malware protection > > > > OpenDNS provides filtering by category now. Could you perhaps integrate > that into your DNS strategy? > > Roger Wright > Network Administrator > 727.572.7076 x388 > ____ > > Fisherman's Credo: Fillet and Release. > > > From: Tim Evans [mailto:[EMAIL PROTECTED] <[EMAIL PROTECTED]>] > Sent: Monday, March 17, 2008 7:40 PM > To: NT System Admin Issues > Subject: DNS Wildcard zones for malware protection > > I've been looking at HYPERLINK "http://www.malwaredomains.com"; > www.malwaredomains.com and thinking about setting up a block list using > their list of malicious domains. I'm thinking about doing this by setting up > a wildcard zone for each domain on our DNS server. Right now, the list has > almost 20,000 domains. We're running Windows 2003 domain & forest > functional mode, with AD integrated zones. Our DNS servers are for internal > use only and are not publicly accessible. Here is the batch file I'm > planning to use: > > wget http://www.malwaredomains.com/files/domains.txt > for /F "eol=# tokens=1 " %%f in (domains.txt) do @echo %%f >>file.txt > for /F %%f in (file.txt) do dnscmd %server% /zoneadd %%f /DsPrimary /DP > /forest > for /F %%f in (file.txt) do dnscmd %server% /recordadd %%f * A 127.0.0.1 > > Some questions: > -Is there a more efficient way to block these domains (we also have ISA > 2006)? > -Is there a downside to having all that many domains on our DNS servers? > -any other words of wisdoms or warnings before I try this? > > Thanks. > > …Tim > > > > > > > > > > > -- ME2 ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
