Syaifudin <syaifu...@jsn.net.id> wrote: > is there regex for bind config or something else to anticipation or block > malware where generate random subdomain ( 2 or 3 character )+ random domain > ( 7 character ) + random tld.
This is a job for RPZ. I'm currently at UKNOF39 where we have just had a couple of talks about RPZ. One of the speakers talked about algorithmically generated malware domains: if you know the algorithm, you can pre-generate the malicious domains and add them to your RPZ in advance. If they are truly random attack domains then you'll need some other strategy. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Humber, Thames: West 6 to gale 8, occasionally severe gale 9 at first, increasing severe gale 9 to violent storm 11 later. Rough or very rough. Rain later. Moderate or good. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
