On 01/17/2018 07:57 AM, Tony Finch wrote:
I'm currently at UKNOF39 where we have just had a couple of talks about RPZ. One of the speakers talked about algorithmically generated malware domains: if you know the algorithm, you can pre-generate the malicious domains and add them to your RPZ in advance.
Did you see or hear any talks about RPS in addition to RPZ?
If they are truly random attack domains then you'll need some other strategy.
I suspect that an intelligent RPS filter could detect and possibly prevent such communications.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
