[ASK] Block Malware Generate Random Subdomain, Domain and TLD

Grant Taylor gtaylor at tnetconsulting.net
Thu Jan 18 03:37:18 UTC 2018

On 01/17/2018 07:57 AM, Tony Finch wrote:
> I'm currently at UKNOF39 where we have just had a couple of talks about 
> RPZ. One of the speakers talked about algorithmically generated malware 
> domains: if you know the algorithm, you can pre-generate the malicious 
> domains and add them to your RPZ in advance.

Did you see or hear any talks about RPS in addition to RPZ?

> If they are truly random attack domains then you'll need some other 
> strategy.

I suspect that an intelligent RPS filter could detect and possibly 
prevent such communications.

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180117/32c1a0c4/attachment.bin>

More information about the bind-users mailing list