[rbldnsd] Using rbldnsd to blacklist websites
Michael Tokarev
mjt at tls.msk.ru
Sun Jan 28 12:55:20 MSK 2007
Lyle wrote:
> I think you need a full featured dns server. RBLDNSD won't do forwarding.
>
> I am doing that at one of my customer's. I use BIND on Linux in
> forwarding mode, but make that local dns server authoritive for those
> abusive zones. We are using a proxy server so I have pretty good stats
> on the 'bad' sites that should not be viewed from the office...
By the way, we do such things here on a web-proxy server (squid).
Workstations don't have direct access to the 'net, only using a proxy.
Which is - IMHO - something that every place should enforce - if not
only to be able to understand where this particular malware come from,
by analyzing proxy logs etc.
And on the proxy, the list of "bad" domains is configured (we use
redirect program with squid). Works pretty well.
/mjt
More information about the rbldnsd
mailing list