How to implement DNS RPZ with Domain Based Reputation Data
blason16 at gmail.com
Sun Apr 29 02:57:34 UTC 2018
Can someone please confirm if below stuff I found pertaining to BIND can be
implemented with DNS RPZ? If yes can someone please point me to the
Domain Based Reputational Data
With the release of BIND 9.8.1 a *new* reputational mechanism is available,
this time for use by DNS resolvers. An organisation is able to receive a
reputational data feed describing internet domains that have a 'poor'
reputation. A poor reputation is usually based on the delivery of malware,
or other forms of nefarious internet activity.
The ISC have provided an efficient standardised mechanism for the use of
reputational data by recursive DNS resolvers and have left the provision of
the reputational data itself to professional organisations that specialize
in this type of information. Additionally, the response that shall be given
to a client attempting to resolve a domain which is listed amongst those
with a 'poor' reputation is left to the local organisation to decide.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users