On 7/14/20 12:08 AM, MEjaz wrote:
Thanks for every one’s contribution. I use RPZ and listed 5000 forged
domain to block it in a particular zone without having addiotnal
zones, I hope that’s the feature of RPZ, Seems good.
You might want to look through those domains and see if there are
Ok, I will take care next time will
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
@lbutlr
Sent: Tuesday, July 14, 2020 10:28 AM
To: bind-users
Subject: Re: scripts-to-block-domains
On 14 Jul 2020, at 00:31, MEjaz wrote:
>
Please do
On 14 Jul 2020, at 00:31, MEjaz wrote:
>
Please do not post images. Copy and paste the text.
(Over 100 lines of quoted lines with no content deleted)
--
I WILL NOT BARF UNLESS I'M SICK Bart chalkboard Ep. 8F15
___
Please visit https://lists.isc.o
Thanks for your quick response,
I did that here is the statement in option section.
-Original Message-
From: Daniel Stirnimann [mailto:daniel.stirnim...@switch.ch]
Sent: Tuesday, July 14, 2020 9:25 AM
To: MEjaz ; bind-users@lists.isc.org
Subject: Re: scripts-to-block
Hello Mohammed,
I don't see that you specified a "response-policy" [1] statement. You
need something like this as well:
response-policy {
zone "rpz.local" policy given;
}
// Apply RPZ policy to DNSSEC signed zones
break-dnssec yes
;
[1]
https://ftp.isc.org/isc/bind9/cur/9.16/doc/arm/html/ref
ds.g.doubleclick.net.rpz.local
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
Grant Taylor via bind-users
Sent: Monday, July 13, 2020 10:45 PM
To: bind-users@lists.isc.org
Subject: Re: scripts-to-block-domains
On 7/13/20 12:44 AM, MEjaz wrote:
> H
On 7/13/20 12:44 AM, MEjaz wrote:
Hell all,
Hi,
I have an requirement from our national Cyber security to block several
thousand forged domains from our recursive servers, Is there any way we
can add clause in named.conf to scan such bogus domain list without
impacting the performance of
Hello Mohammed,
You can use RPZ (Response Policy Zone). The following link should give
you a good introduction on how to set this up:
Building DNS Firewalls with Response Policy Zones (RPZ)
https://kb.isc.org/docs/aa-00525
Daniel
On 13.07.20 08:44, MEjaz wrote:
> Hell all,
>
>
>
>
>
>
Hell all,
I have an requirement from our national Cyber security to block several
thousand forged domains from our recursive servers, Is there any way we can
add clause in named.conf to scan such bogus domain list without impacting
the performance of the servers.
Thanks in advance..
9 matches
Mail list logo