Question about BIND and RPZ
Blason R
blason16 at gmail.com
Sun Aug 5 04:21:34 UTC 2018
Well I was working on the same but you really need to have good RPZ feeds.
I subscribed to third party feeds and have worked on my RPZ but later you
need to have good reporting engine. Hence better to have a dedicated RPZ
server instead and that's what I could suggest.
This is not marketing talk but I know vendor that I am working with who is
offering a good product instead.
Best Regards,
Lionel F
On Sat, Aug 4, 2018 at 7:23 PM Felipe Arturo Polanco <
felipeapolanco at gmail.com> wrote:
> Hi,
>
> I have a question regarding BIND and its RPZ functionality.
>
> We are using a DNS provider that blocks malware by returning an NXDOMAIN
> response back whenever a match is found.
>
> The way they differentiate between real non-existent websites vs malware
> sites is by turning off the 'recursion available' bit in the NXDOMAIN
> response, non-existent sites do have this bit turned on.
>
> Is there a way to match this flag in an RPZ policy to redirect malware
> sites response to a wall garden website while not matching real
> non-existent websites?
>
> Thanks,
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180805/a312f7a0/attachment.html>
More information about the bind-users
mailing list