We typically override malware-ish domains's by creating a zone on our caching servers for them and create a wildcard similar to:
* IN A 127.0.0.1 That way, when clients try to resolve xyz.com, our caching/resolvers return 127.0.0.1, not the real IP address. Josh -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Stewart Dean Sent: Friday, April 01, 2011 10:22 AM To: [email protected] Subject: Is it possible to block resolution of a malware address? That is, if we know that a symbolic address is malign, is there some way to refuse to resolve it or change its resolution when an internal users asks for its resolution? All my Google searching turns up DNSBLs and blocking incoming mail from BLed addresses, but this is another matter... Thanks in advance... -- ==== Stewart Dean, Unix System Admin, Henderson Computer Resources Center of Bard College, Annandale-on-Hudson, New York 12504 [email protected] voice: 845-758-7475, fax: 845-758-7035 _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
