Re: How to implement DNS RPZ with Domain Based Reputation Data
Oh I see. I thought this was a kind of feature of BIND. I got it now.

On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman wrote:

> On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote:
> > Hi Team,
> > Can someone please confirm if below stuff I found pertaining to BIND can be
> > implemented with DNS RPZ? If yes can someone please point me to the
> > appropriate document?
> >
> > Domain Based Reputational Data
> >
> > With the release of BIND 9.8.1 a *new* reputational mechanism is available,
> > this time for use by DNS resolvers. An organisation is able to receive a
> > reputational data feed describing internet domains that have a 'poor'
> > reputation. A poor reputation is usually based on the delivery of malware,
> > or other forms of nefarious internet activity.
> >
> > The ISC have provided an efficient standardised mechanism for the use of
> > reputational data by recursive DNS resolvers and have left the provision of
> > the reputational data itself to professional organisations that specialize
> > in this type of information. Additionally, the response that shall be given
> > to a client attempting to resolve a domain which is listed amongst those
> > with a 'poor' reputation is left to the local organisation to decide.
>
> This is basically RPZ. "reputational data feed" is basically a response
> policy zone. There are feed providers such as Spamhaus, Farsight
> Security, etc. E.g., see this:
>
> https://www.spamhaus.org/news/article/669
>
> Mukund

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: How to implement DNS RPZ with Domain Based Reputation Data
On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote:

> Hi Team,
> Can someone please confirm if below stuff I found pertaining to BIND can be
> implemented with DNS RPZ? If yes can someone please point me to the
> appropriate document?
>
> Domain Based Reputational Data
>
> With the release of BIND 9.8.1 a *new* reputational mechanism is available,
> this time for use by DNS resolvers. An organisation is able to receive a
> reputational data feed describing internet domains that have a 'poor'
> reputation. A poor reputation is usually based on the delivery of malware,
> or other forms of nefarious internet activity.
>
> The ISC have provided an efficient standardised mechanism for the use of
> reputational data by recursive DNS resolvers and have left the provision of
> the reputational data itself to professional organisations that specialize
> in this type of information. Additionally, the response that shall be given
> to a client attempting to resolve a domain which is listed amongst those
> with a 'poor' reputation is left to the local organisation to decide.

This is basically RPZ. "reputational data feed" is basically a response
policy zone. There are feed providers such as Spamhaus, Farsight
Security, etc. E.g., see this:

https://www.spamhaus.org/news/article/669

Mukund
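Added example, not part of the original thread and not taken from ISC or any feed provider: a minimal named.conf sketch of what the reply above describes, a recursive resolver that loads a provider's feed as a response policy zone and applies a locally chosen response. The zone names, file names and 192.0.2.x addresses are placeholders, and a real feed transfer would normally also be authenticated with a TSIG key issued by the provider.

```conf
// named.conf fragment for a recursive resolver (BIND 9.8.1 or later).
options {
    recursion yes;

    response-policy {
        // Local zone listed first so its entries take precedence
        // over the provider feed (allow-list and local blocks).
        zone "rpz.local.example";

        // Provider feed. "policy nxdomain" overrides whatever action
        // the feed encodes; omit it (default "policy given") to use
        // the feed's own actions.
        zone "rpz.feed.example" policy nxdomain;
    };
};

// Locally maintained policy zone.
zone "rpz.local.example" {
    type master;
    file "rpz.local.example.db";
    allow-query { localhost; };      // policy data is not for clients
    allow-transfer { none; };
};

// Reputation feed, pulled by zone transfer from the provider.
// Newer BIND releases also accept "secondary" and "primaries".
zone "rpz.feed.example" {
    type slave;
    masters { 192.0.2.53; };         // placeholder feed server
    file "rpz.feed.example.db";
    allow-query { localhost; };
    allow-transfer { none; };
};

// Contents of rpz.local.example.db (zone-file syntax, shown as comments;
// all names are constructed):
//   $TTL 300
//   @                  SOA   localhost. hostmaster.localhost. 1 3600 600 86400 300
//   @                  NS    localhost.
//   allowed.example    CNAME rpz-passthru.  ; never rewrite, even if the feed lists it
//   blocked.example    CNAME .              ; answer NXDOMAIN
//   *.blocked.example  CNAME .              ; same for all subdomains
//   nodata.example     CNAME *.             ; answer NODATA
//   redirect.example   A     192.0.2.80     ; answer with a walled-garden address
```

Running named-checkconf on the file and then querying a listed name through the resolver with dig confirms that the policy is loaded and being applied.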
How to implement DNS RPZ with Domain Based Reputation Data
Hi Team,
Can someone please confirm if below stuff I found pertaining to BIND can be
implemented with DNS RPZ? If yes can someone please point me to the
appropriate document?

Domain Based Reputational Data

With the release of BIND 9.8.1 a *new* reputational mechanism is available,
this time for use by DNS resolvers. An organisation is able to receive a
reputational data feed describing internet domains that have a 'poor'
reputation. A poor reputation is usually based on the delivery of malware,
or other forms of nefarious internet activity.

The ISC have provided an efficient standardised mechanism for the use of
reputational data by recursive DNS resolvers and have left the provision of
the reputational data itself to professional organisations that specialize
in this type of information. Additionally, the response that shall be given
to a client attempting to resolve a domain which is listed amongst those
with a 'poor' reputation is left to the local organisation to decide.