Well, it may not be realistic to only let traffic through to whitelisted hosts. But a whitelist of DNS hosts can still be very valuable when doing incident response / network forensics.
See this blog post about how the Alexa top 1M list can be leveraged as a whitelist for DNS queries/responses: http://netresec.com/?b=13A66EB /erik 2013/9/13 Chris Campbell <[email protected]>: > It's worth mentioning that whitelisting doesn't really work for websites, > there are invariably too any external resources on a page for you to be able > to whitelist them all so that the site works as expected. > > On 12 Sep 2013, at 23:22, Tim Krabec <[email protected]> wrote: > > DNS > No need to over complicate, just use DNS > > > On Thu, Sep 12, 2013 at 3:10 PM, Larry Petty <[email protected]> wrote: >> >> Is anyone aware of a consumer grade WAP that allows URL whitelisting vs >> blacklisting? Most of the newer WAPs that I have tested only support >> blacklisting. I have a situation where I need to allow five websites and >> blacklist everything else. >> >> The issue here is cost. I know that I can use something like pfsense, but >> for this small project that I am volunteering for, I need a solution that is >> in the area of $150-$200 each. >> >> - Larry >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > > > > -- > Tim Krabec > tkrabec.com > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
