[RPZ] opendns now has some rpz-like features

Paul Vixie vixie at isc.org
Tue Jun 21 21:49:15 UTC 2011

in <http://www.opendns.com/about/announcements/221/> we see:

	And, as it turns out, nearly all malware uses DNS to find its
	bot master to "phone home" for instructions. OpenDNS Enterprise
	secures the DNS layer and protects networks from being infected
	by blocking known malware-hosting websites, but also helps
	prevent infected computers from phoning home by blocking the
	master command and control servers with which the malware
	communicates. This blocking happens both based on known
	malicious domain names, and known compromised IP addresses.


	OpenDNS Enterprise is now the only malware protection service in
	the world that monitors and blocks both known malicious IP
	addresses and known malicious domain names, removing the
	possibility that OpenDNS Enterprise malware blocking could be
	bypassed with a new domain name pointing to a known bad IP

cool stuff.

More information about the DNSfirewalls mailing list