[dns-operations] resolvers considered harmful

Paul Vixie paul at redbarn.org
Wed Oct 22 17:59:43 UTC 2014



> Frank Sweetser <mailto:fs at wpi.edu>
> Wednesday, October 22, 2014 10:20 AM
>
> We make pretty heavy use of RPZ to block outbound malware traffic,
> especially to prevent people from inadvertently browsing malicious web
> sites.  I don't have the data myself, but I do know that our Infosec
> people saw a drop in infection rate when we put it in.  I'd hate to
> lose that mechanism completely.

+1.

and as to rpz, if you can publish your use case and results, we'd love
to link to it from http://dnsrpz.info/. as near as i can tell, rpz is
useful and popular, but mostly occurs in submarine mode where nobody
knows it's happening. so, more published results would be grand.

-- 
Paul Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141022/5e572361/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: compose-unknown-contact.jpg
Type: image/jpeg
Size: 770 bytes
Desc: not available
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141022/5e572361/attachment.jpg>


More information about the dns-operations mailing list