Re: Question about BIND and RPZ

2018-08-04 Thread Blason R
Well, I was working on the same, but you really need to have good RPZ feeds. I subscribed to third-party feeds and have worked on my RPZ, but later you need to have a good reporting engine. Hence it is better to have a dedicated RPZ server instead, and that's what I could suggest. This is not marketing talk

Re: Question about BIND and RPZ

2018-08-04 Thread Vadim Pavlov via bind-users
Sorry for the confusion. I thought that you had access to the RPZ feeds. You cannot trigger an RPZ rule by the recursion bit. You should contact your DNS provider and ask them to provide you, instead of NXDOMAIN, a different response which can be used to trigger RPZ on your Bind (e.g. unused

Re: Question about BIND and RPZ

2018-08-04 Thread Felipe Arturo Polanco
Hi Vadim, Thanks for the response. How will that zone policy differentiate between responses with the 'recursion available' bit set and unset? I do not have the list of malware sites; the DNS provider does not share it. Also, I'm no expert with BIND, so pardon any outside question. On Sat, Aug

Re: Question about BIND and RPZ

2018-08-04 Thread Vadim Pavlov via bind-users
Hi Felipe, You do need to do that. You may configure a redirect action on a zone level. Just add "policy cname domain" [ response-policy { zone zone_name [ policy ( given | disabled | passthru | drop | tcp-only | nxdomain | nodata | cname domain ) ] [
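The zone-level override Vadim describes, as an added example that is not part of the thread and not Vadim's or ISC's own configuration: a named.conf fragment plus a minimal RPZ zone. The zone name "rpz.example.internal", the walled-garden host "walledgarden.example.internal", the trigger name "badsite.example.internal" and the file path are all placeholders. Because "policy cname" is given on the zone statement, every trigger in that zone is answered with the walled-garden CNAME regardless of the action encoded in the individual records, which is what lets a local BIND redirect (for logging and a user-facing block page) rather than simply returning NXDOMAIN.

```conf
# ---- named.conf (added example; names and paths are placeholders) ----
options {
    recursion yes;
    # Zone-level action overrides the per-record action of every trigger
    # in this RPZ zone: all hits are rewritten to the walled-garden CNAME.
    response-policy {
        zone "rpz.example.internal" policy cname walledgarden.example.internal;
    };
};

# The RPZ zone is an ordinary authoritative zone loaded by this server.
zone "rpz.example.internal" {
    type master;
    file "/etc/bind/db.rpz.example.internal";   # placeholder path
};

# ---- /etc/bind/db.rpz.example.internal (added example zone file) ----
# $TTL 60
# @   IN SOA localhost. hostmaster.example.internal. ( 1 3600 900 604800 60 )
#     IN NS  localhost.
# ; QNAME triggers. "CNAME ." would mean NXDOMAIN per record, but the
# ; zone-level "policy cname" above overrides it for every trigger.
# badsite.example.internal    CNAME .
# *.badsite.example.internal  CNAME .
```

Check the syntax with named-checkconf and named-checkzone before reloading, then query a trigger name from a client (dig badsite.example.internal @127.0.0.1): the answer should be a CNAME to the walled-garden host rather than NXDOMAIN, and with "rpz" logging enabled the hit appears in the RPZ log channel.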

Question about BIND and RPZ

2018-08-04 Thread Felipe Arturo Polanco
Hi, I have a question regarding BIND and its RPZ functionality. We are using a DNS provider that blocks malware by returning an NXDOMAIN response whenever a match is found. The way they differentiate between real non-existent websites and malware sites is by turning off the 'recursion