OT: Building a DNS blackhole server

2011-10-20 Thread carlopmart

Hi all,

 Actually, I have two OpenBSD 4.9 servers, one as a primary DNS server 
and the second acting as a slave. I would like to implement a DNS 
blackhole in both servers. Reading and searching docs about this topic I 
have found this comparison table in Wikipedia:


https://secure.wikimedia.org/wikipedia/en/wiki/Comparison_of_DNS_blacklists

 But, what is your opinion about this table?? What are the most 
reliable suppliers??? Which of these lists is sure to be deployed in a 
production environment? I do not want to generate more false positives 
than necessary.


Thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com



Re: OT: Building a DNS blackhole server

2011-10-20 Thread Kevin Wilcox
On 20 October 2011 04:21, carlopmart carlopm...@gmail.com wrote:

> https://secure.wikimedia.org/wikipedia/en/wiki/Comparison_of_DNS_blacklists
>
> But, what is your opinion about this table?? What are the most reliable
> suppliers??? Which of these lists is sure to be deployed in a production
> environment? I do not want to generate more false positives than necessary.

Is your intent to cut SPAM on your servers (the intent of the majority
of those) or are you looking to stop domain-based malware, like Zeus
and its kin, from being able to phone home? If the latter, I'd start
by looking for malware and botnet domains, and with the understanding
that it's only a small part of defence-in-depth.

kmw