On 11/30/2017 12:04 AM, Daniel Stirnimann wrote:
I doubt you can use RPZ for that.
The testing that I did made me think that RPZ wouldn't be able to do it. I wonder if Response Policy Service (DNSRPS) can do it.
We use https://dnsdist.org/ for that, our rule: -- WPAD Name Collission Vulnerability -- US-CERT TA16-144A. Redirect to landing page addAction(RegexRule("^wpad\\."),SpoofAction("192.168.1.2", "2001:DB8::2"))
Thank you for the information. I'll check that out. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users