Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #15975
| Path | csiph.com!aioe.org!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Daniel Stirnimann <daniel.stirnimann@switch.ch> |
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: scripts-to-block-domains |
| Date | Mon, 13 Jul 2020 09:34:54 +0200 |
| Lines | 48 |
| Approved | bind-users@lists.isc.org |
| Message-ID | <mailman.702.1594625689.942.bind-users@lists.isc.org> (permalink) |
| References | <117301d658e1$0f6966a0$2e3c33e0$@cyberia.net.sa> <d053e782-ac67-f0df-a395-a3c1e9eda46a@switch.ch> |
| NNTP-Posting-Host | lists.isc.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset="windows-1252" |
| Content-Transfer-Encoding | 8bit |
| X-Trace | usenet.stanford.edu 1594625725 1143 149.20.1.60 (13 Jul 2020 07:35:25 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| To | MEjaz <mejaz@cyberia.net.sa>, <bind-users@lists.isc.org> |
| Return-Path | <daniel.stirnimann@switch.ch> |
| X-Original-To | bind-users@lists.isc.org |
| Delivered-To | bind-users@lists.isc.org |
| X-Virus-Scanned | by SpamTitan at switch.ch |
| DKIM-Signature | v=1; a=rsa-sha256; c=simple/simple; d=switch.ch; s=selector1; t=1594625711; bh=BIaR4CA9ak/cP5toSRYg8ADFIVNvpTfXto0KfZzk1jo=; h=Subject:To:References:From:Date:In-Reply-To; b=Q7ZEjtEh9BOrQ67oqsovxNeNmiN9iU7qFjyw1bgEmY7T8DvyOo+TQBETyTz36Z7Fg LmN8vsApHhjP8GLSxg022pjKshRinF98PUx78jO8QZU9PLbCZT36DWVfzhvVZ84GoE fwDHPKhbscKK4f6MbSVgZIOQQ74wpVx2eX4DYA+G6Gl85wvufg9mbRIOJl9Ula5K+Q cGUd+rFBq2VwfAvt5PtSMgMC2GBfaf5BmA7kOjx+Zw/zBeueQ2bPdA4rhEIjiyvEg9 31G2XdZZax4Vbc+xjKfitQgHGRkp4hm7Y+IFI+ZgtsMCdX9Oq5M9X0CaWDDCPtRkYY VlnAPk6Yla3TA== |
| Authentication-Results | mx1.switch.ch; x-trusted-ip=pass |
| Autocrypt | addr=daniel.stirnimann@switch.ch; keydata= mQINBFVNyCoBEADJDVcf9JYFy2yd72s3B8GMNcfHrke7eoX6IZjL47g3/tFAWTy9HJwt6dBH OkW9/wb7W8BorMIWwE/+kBKahUSmhEc4aSEksjensTSG6WTGAbUvxFM9KhwkxjJpQLqOPyk6 6mEYXgNMZiXRo02kysbV+uRZHxZ7AzGNZ7bVNJ01Nwu9ShRFANqmHrpE7Uf9vzb4aG+6lIZu 1Y++X7tWzGZTf0IVboNyisHODq442J2UcEwEj//gayRjn3WiCT/CKt/aD203eet9RIEm/uTl 0JxWndNyp5C4LVFii/AWy127aBFbnirUxJzOBHfQoGodWPu1dmzizgWXF/C36QtNyJQzDhyC ts9PzGFMv8mq2js902m7VwtMGTap6drux6+z/kEpnlXdyUR9BYwvalPE0huNkcH+r5gWT46l 6fzKCJ7VIAdn1GBZS3dYRoZQ1QMMugi68yHnqIdWy3s0gJ4IFkjuThK+Rx88pwSyjxKOKLOB 3yuG1uWb0o2HN+5TTU/I+Wvg3EvfzscF/Gazj1DuyTjiCZghA2lnU2Feob8oDHE/krmu7xSl Kp+uTDCefKzNtPi6R0BN2OVCUBnjoWkyFZroFd80RlFZTswlKaIrS8h6AoTeDpmmhpDfrpjY 1lWZbPxaRP5NMZ/W9JXru8G3fgEuLcrIVx4xtyc/7hqm+eVLhwARAQABtC9EYW5pZWwgU3Rp cm5pbWFubiA8ZGFuaWVsLnN0aXJuaW1hbm5Ac3dpdGNoLmNoPokCNwQTAQgAIQUCVU3IKgIb AwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDYNlcskS2oyB6gEACm0s2onItKmp7Y76pt M1RedVPM21wIhc5YtmaOJQxz+YLaROXijbaijn2veW9/XsJ+3qKjJvgzmeU4NswHuRHS7kuA tDXlcTqkZqZYeJWAQvvWCw7CNlGaufzXz6u9/hs9ITEQKOVY+3apX0bZmbcZqldK0mERA9m2 ZwsT1Z3NZIHuoUsfjv6PqOf2xfLBjOk+5pwsQNPXlM3KlIRHr69xHqfpm38343focf4mPETb 7WLjYPmDsQIZRdnO24+uGTxu0FDWe8SQNKUDB4i4zyVNB4R/tJM81TRVVC6RDiYM1lqMybSO +0p8cO/LAeurSCyyNpZJXJnq3lQGCzPc1OqbqnvSedQRXQUfav3p6H5q7s2g7KqiW/rAWT0E NjRJxSCzg82TOld3RfXw7ELVztNuYNnlYAlGl5/b3J4nUHhfU11h3iCmNZNgAcSkjuNeftLt BfHqlqpnmzIrQhF6g3qCN+yaaVLXvyRuK080BMa+C8jIp1LuLhcKlXNBO3vt/eQDOyDzubCx 6mrRBJOYW7+/souL1hbqppsWYYwQPJe4CW7B58SFwwyWoPQoq2O7H70vfD+9wD4biQQ7mmwY tQkVGVAlUHiTt8/Vl4/YWdIkZWZ6xdEWJv67lbJ3PAyzbwsh0hPefx/BI3efKRbUrvVc3Lb6 6Yl+jNkk9rokJCBOyrkCDQRVTcgqARAAuiGwPInrgsfjxQGxqhxFHsh4sAb5+DDNURlc1rt+ A/DMOk2EysPqZtiV2AYeLcHjSxItSIp395vgtHtljpOoCkBanWsWpYtQAER9W6JrubczZ1mN GCSkziXjT1FWuVReTG84YVt/Mi0kN7GD8Bg8B+sEdcOG717zmvUFnkHIRKbMHt/KTIqBIOsI xSRlgT/NBUAjo2yofANS0a12IJxghL0jMQfoxpu9IoZ5gZbziUXDOLj+K3kP8Lh/6cOglArd 7a4GlDBIeCtHt3/iox1r6hBPF+6g4ZI7lbEjAykEDyQIxLxl2pWc9rsrMJJx2W5pktwWX2Q9 VCtL9t5cWMHgg0pqig50N2MOiOWY6fDH9DzvcXbzUw04db1aJF4flSu0N52B9KSlBbuhcJin FM/mi8v2YJf62xwkOAkdmJlaVzLweuARaLMcO6cS50LtWF/rJfo2wbPk2ytMFRIAwFoPMf99 LhP68k9Qgsra4GBKRf6IZ4jxpgg//kOYXTsFdG96pCfoOSit8imSQJaz4Q34dGPUVf+K9LtT OAhRqf7rTceK30PiGV77ULGtraFm8SQpRXma5dxqzFzD/rA0JfpODeipgCAox+C/xj51FkSJ Wmkje8xKfuwPzRCWIeOPwPUtkTZmbZ133BJqhuQ5fJ2akELel0+NRoPjJSGcgNHYk3sAEQEA AYkCHwQYAQgACQUCVU3IKgIbDAAKCRDYNlcskS2oyHLDEACsa0icacTUohU2O12FJVf3cQVR ExLJhAQPWNLyU/ubwzK534X5VutTCeT5/gqBBuVBPTuw30mor9WmEKM4Bl5A77ezVDVonLRi QaSbzmXCSZSBozTQYlHHC3KOLEz1ZtcJLzwR6LljZb49m8JGxX70y6YxRZ1Ozzn43vIZxEp9 BBTPfiDNcCCxQb2P+O7N8etcYiflJwTPxfCtovWtNgjOAFG6QD0TdPrVyV30vZu8FylqzWWw 9SqkpRhNJBBilOAS+/J8/BUp5bmCfYUNvnUD1htaAJWuWW6WYfRdc7DkpQ73odYIJQwMeVpY t3sZuXrea+V/DUNEZDydD+/KLyN3gjr/gGe3S9xZT9nB47S/qZnOTV1F9w0h3Ut2PWN1uCjr zH8Cnji5SQgCdVKE7ytuZsmnh0k23vg9U2D46VC84/c4CXc/vWLzQCtq8HIy4lXEy1p/47dN rPDJ8G5ChtbHab0n+QDiezbZa79ACQ3TkGmH4Fo35anZCmFwqINJLve7SRzY+CCawpyTaJBz 2J/3ktd1SwxQekMS0z2MCwWv0Xy0dunATNZEks+8GdVrpN6nqzWP73o3dv9K0SWoDSfTYkj4 eel7GJ3XKKpxu08PBigd64gTgPUIqG+ZRPnBQzfuY3f2DURL/J4SlpmUfGBVVeU8+SNFVh/a U00Ijfx0yw== |
| User-Agent | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 |
| In-Reply-To | <117301d658e1$0f6966a0$2e3c33e0$@cyberia.net.sa> |
| Content-Language | en-US |
| X-ClientProxiedBy | SWH-S05-EXC3.swd.switch.ch (172.16.60.14) To SWH-S04-EXC2.swd.switch.ch (172.16.60.12) |
| X-Spam-Status | No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,KAM_SHORT,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.2 |
| X-Spam-Checker-Version | SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org |
| X-BeenThere | bind-users@lists.isc.org |
| X-Mailman-Version | 2.1.29 |
| Precedence | list |
| List-Id | BIND Users Mailing List <bind-users.lists.isc.org> |
| List-Unsubscribe | <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe> |
| List-Archive | <https://lists.isc.org/pipermail/bind-users/> |
| List-Post | <mailto:bind-users@lists.isc.org> |
| List-Help | <mailto:bind-users-request@lists.isc.org?subject=help> |
| List-Subscribe | <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <d053e782-ac67-f0df-a395-a3c1e9eda46a@switch.ch> |
| X-Mailman-Original-References | <117301d658e1$0f6966a0$2e3c33e0$@cyberia.net.sa> |
| Xref | csiph.com comp.protocols.dns.bind:15975 |
Show key headers only | View raw
Hello Mohammed, You can use RPZ (Response Policy Zone). The following link should give you a good introduction on how to set this up: Building DNS Firewalls with Response Policy Zones (RPZ) https://kb.isc.org/docs/aa-00525 Daniel On 13.07.20 08:44, MEjaz wrote: > Hell all, > > > > > > I have an requirement from our national Cyber security to block several > thousand forged domains from our recursive servers, Is there any way we > can add clause in named.conf to scan such bogus domain list without > impacting the performance of the servers. > > > > Thanks in advance.. for the usual contribution. > > > > > > Thanks, > > Mohammed Ejaz > > Asst. Operation Director of Systems. > > Cyberia SAUDI ARABIA > > P.O.Box: 301079, Riyadh 11372 > > Phone: (+966) 11 464 7114 Ext. 140 > > Mobile: (+966) 562311787 > > Fax: (+966) 11 465 4735 > > Website: http://www.cyberia.net.sa
Back to comp.protocols.dns.bind | Previous | Next | Find similar
Re: scripts-to-block-domains Daniel Stirnimann <daniel.stirnimann@switch.ch> - 2020-07-13 09:34 +0200
csiph-web