Blocking malware URL lookup using BIND

Matthew Seaman m.seaman at
Tue Oct 25 09:17:29 UTC 2011

On 25/10/2011 10:03, babu dheen wrote:
>  We are seeing huge number of malware request going to malware domains performed by some malware infected clients. 
>  All malware infected clients are trying to reach below URL . We would like to know how we can block if any dns query come to ***** domain, should be redirected to 127.0.01.
>  Sample malware domains

This is exactly what RPZ was designed for:



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
JID: matthew at               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the bind-users mailing list