[Emerging-Sigs] Blocks based on IP alone

Will Metcalf william.metcalf at gmail.com
Mon Oct 18 16:12:11 EDT 2010


AFAIK this is a per-zone feature.  Since with DNSBH updates you are
essentially adding and removing zones, I don't think that nsupdate
applies... But I could be wrong.

Regards,

Will

On Mon, Oct 18, 2010 at 9:26 AM, Martin Holste <mcholste at gmail.com> wrote:
>> This does work and works well.  We did this for a while, but
>> unfortunately, we're not in charge of DNS, and our DNS admins were
>> only willing to update once per day, so the effectiveness quickly
>> waned.  If we could do this with real-time dynamic DNS updates, I
>> think we'd be in business.  Maybe it's time for us to have another
>> chat with our admins.  We tend to get the same fears with the DNS
>> updates that we get when advocating for an inline IPS, because any
>> time we're messing with infrastructure, we're increasing operational
>> risk.
>>
>
> One follow-up on this: has anyone gotten a DNS blackhole to work with
> dynamic DNS updates?  That would be ideal.  I'm not seeing anything
> obvious on Google yet, and it's been a long, long time since I
> maintained BIND.

