Hi John, Thanks for the feedback! I'm Joe, Product Mgr here at ThreatSTOP.
You are correct in that the quick start guide is not BIND specific, nor is it really device specific at all and touches more on helping a new user understand elements of our service such as building a custom policy, creating a user-defined list of IPs or domains to block or allow, and how to work with our web based event log reporting. ThreatSTOP is compatible with firewalls, routers, switches, load balancers, and DNS servers (esp. BIND!). Thanks for posting the link to our config documentation for BIND, that should be more familiar to the group here. Zone transferring a blacklist is the core of what our service does for BIND, on top of that we curate and maintain the contents of what that zone can contain by aggregating a pretty comprehensive amount of reputational data on domains and IPs into threat-type categories. Once a policy is defined by a user the RPZ axfr can happen, and then automatically update contents of the zone (fresh reputational data) at an interval the user determines best for them. Re: logging, the BIND instance will upload logs to our backend securely. The http links you posted for "checkIP", "checklogs" and "sinkhole" are public facing tools we make available for anyone to do their own mini security assessments, and aren't the facilities used for people who run our service on their device(s). We are moving our brand website to https soon, but everything behind our portal that should be more secure is already https with multi-factor auth. Many thanks, Joe -- View this message in context: http://bind-users-forum.2342410.n4.nabble.com/ThreatSTOP-BIND-DNS-Firewall-Available-tp3027p3041.html Sent from the Bind-Users forum mailing list archive at Nabble.com. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
