[RPZ] How to map NXDOMAIN with some dummy domain in RPZ
Vernon Schryver
vjs at rhyolite.com
Tue Jul 3 13:34:56 UTC 2012
> From: Gaurav Kansal <gaurav.kansal at live.in>
> I configure the RPZ domain in my BIND Server.
>
> I get feed from one of the security firm. In that feed, i get the zone file something like this:
>
> $ORIGIN ae.rpz.xyz.net.
> proxymedia CNAME .
> $ORIGIN proxymedia.ae.rpz.xyz.net.
> * CNAME .
>
> Now what i want to re-direct those malicious domain to one of my
> honey-pot server. But for that, i need to have a CNAME other than '.'
>
> What should i do?
>
> Is there any feature in RPZ to rewrite '.' to some other dummy domain?
The "Response Policy Zone (RPZ) Rewriting" section Chapter 6, "BIND 9
Configuration Reference" of the ARM, the Administrator's Reference Manual,
says in part:
] The policies specified in individual records in an RPZ can be
] overridden with a policy clause in the response-policy option. An
] organization using an RPZ provided by another organization might
] use this mechanism to redirect domains to its own walled garden.
] ...
] CNAME domain causes all RPZ policy records to act as if
] they were "cname domain" records.
Vernon Schryver vjs at rhyolite.com
More information about the DNSfirewalls
mailing list