On 10/25/2018 03:25 PM, Lee wrote:
> I feel like I'm missing something :(

I'll see if I can fill in below.

> I read this https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325 and used RPZ to block anything coming from outside that might be an internal address.

I'll read that and reply later if I feel it's warranted.

> I'm missing what filtering out things like benchmarking & documentation network addrs gets you beyond maybe saving some bandwidth?

Probably not much for most people.

I do use all sorts of IP ranges (test networks extensively) in my home / lab networks. So I'd really rather external things not resolve to an address that I may be using. But that's me being atypical.

> Same deal with using RPZ to block IPv4 BOGONs. What does RPZ blocking get you that you don't get by blocking them on your edge routers?

Defense in depth.

It's more of an exercise of can it be done. Read: Can I concoct something that will receive feed from Team Cymru's BGP Bogon Route Server and turn it into an RPZ.



--
Grant. . . .
unix || die
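
As an added illustration of the prefix-list-to-RPZ idea discussed in this message (not code from the thread or from either poster): a sketch that turns IPv4 prefixes into RPZ `rpz-ip` triggers, so answers containing addresses in those ranges are rewritten to NXDOMAIN. It assumes the prefixes have already been dumped to text, one per line; the sample feed and the SOA/NS values are constructed.

```python
import ipaddress

# Constructed sample input: one IPv4 prefix per line, as might be dumped from
# a BGP session with a bogon route server (the dump format is an assumption).
SAMPLE_FEED = """\
# constructed sample, not real feed data
10.0.0.0/8
192.0.2.0/24        # TEST-NET-1 (documentation)
198.18.0.0/15       # benchmarking
198.18.0.0/16       # covered by the /15 above
not-a-prefix
"""

def parse_prefixes(text):
    """Return collapsed IPv4 networks; skip comments, blanks and bad lines."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.append(ipaddress.IPv4Network(entry, strict=True))
        except ValueError:
            continue  # malformed, IPv6, or host bits set: do not guess
    return list(ipaddress.collapse_addresses(nets))

def rpz_ip_owner(net):
    """Encode a network as an RPZ rpz-ip trigger: prefixlen.d.c.b.a.rpz-ip"""
    octets = str(net.network_address).split(".")
    return "{}.{}.rpz-ip".format(net.prefixlen, ".".join(reversed(octets)))

def build_zone(text, serial=1):
    """Build RPZ zone text answering NXDOMAIN (CNAME .) for matching answers."""
    lines = [
        "$TTL 300",
        "@ IN SOA localhost. root.localhost. {} 3600 600 86400 300".format(serial),
        "@ IN NS localhost.",
    ]
    for net in parse_prefixes(text):
        lines.append("{} IN CNAME .".format(rpz_ip_owner(net)))
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(build_zone(SAMPLE_FEED), end="")
```

The output is loaded as an ordinary zone and referenced from a `response-policy` statement; covered and malformed entries are dropped rather than guessed at.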
