On Tue, 9 May 2017, Eduardo Schoedler via Unbound-users wrote:
No exist ip address like 333.x.x.x, for example. So, I wrote a python module to filter this questions.
But is that wise? If this malware ends up sending the DNS query to a legitimate system DNS function, then such a DNS function will retry the query a number of times to all the DNS resolvers configured on the client. So you are actually making the problem worse. Filtering a DNS query on a recursor is almost never the right solution. Paul
