[dns-operations] A DNS and network security forced marriage

Bill Woodcock woody at pch.net
Tue Mar 16 05:44:06 UTC 2010


      On Fri, 12 Mar 2010, Stephen L Johnson wrote:
    > An utterly brilliant (or hare brained)
    > idea has emerge from out network security group to fight botnets on our
    > network. The idea is to use the caching name servers to lobotomize the
    > botnet.

Yes, this is a relatively common mechanism.  OpenDNS and others provide 
this as a COTS service, or you can put it together yourself if you have a 
reliable source of C&C data.

                                -Bill




More information about the dns-operations mailing list