That might seem like a good idea, but I suspect the DNS queries leaving a network will exhibit a long tail. Prepare for your non-Alexa logs to be rather unwieldy.
> On 3 Oct 2013, at 05:59, Erik Hjelmvik <[email protected]> wrote: > > Well, it may not be realistic to only let traffic through to > whitelisted hosts. But a whitelist of DNS hosts can still be very > valuable when doing incident response / network forensics. > > See this blog post about how the Alexa top 1M list can be leveraged as > a whitelist for DNS queries/responses: > http://netresec.com/?b=13A66EB > > /erik > > 2013/9/13 Chris Campbell <[email protected]>: >> It's worth mentioning that whitelisting doesn't really work for websites, >> there are invariably too any external resources on a page for you to be able >> to whitelist them all so that the site works as expected. >> >> On 12 Sep 2013, at 23:22, Tim Krabec <[email protected]> wrote: >> >> DNS >> No need to over complicate, just use DNS >> >> >>> On Thu, Sep 12, 2013 at 3:10 PM, Larry Petty <[email protected]> wrote: >>> >>> Is anyone aware of a consumer grade WAP that allows URL whitelisting vs >>> blacklisting? Most of the newer WAPs that I have tested only support >>> blacklisting. I have a situation where I need to allow five websites and >>> blacklist everything else. >>> >>> The issue here is cost. I know that I can use something like pfsense, but >>> for this small project that I am volunteering for, I need a solution that is >>> in the area of $150-$200 each. >>> >>> - Larry >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >> >> >> >> >> -- >> Tim Krabec >> tkrabec.com >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
