[dns-operations] A DNS and network security forced marriage

[Bill Woodcock]

      On Fri, 12 Mar 2010, Stephen L Johnson wrote:
    > An utterly brilliant (or hare brained)
    > idea has emerge from out network security group to fight botnets on our
    > network. The idea is to use the caching name servers to lobotomize the
    > botnet.

Yes, this is a relatively common mechanism.  OpenDNS and others provide 
this as a COTS service, or you can put it together yourself if you have a 
reliable source of C&C data.

                                -Bill