[DNSfirewalls] A non RPZ DNS firewall question

Francis Turner francis at threatstop.com
Fri Jul 29 23:52:37 UTC 2022

At least I don't think it's an RPZ question because I don't believe it is part of the spec.

Is it possible in Bind or other DNS servers to filter based on RRTYPE e.g. always replying NXDOMAIN to TXT queries or for that matter to other arbitrary TYPEXX queries? We have some customers who are seeing their public recursive DNS servers being abused by queries of this sort. It's possibly DDOS, it's possible DNS Tunnelling, it may be some other abuse but either way they want it to stop - at least from certain users of their servers. Unfortunately neither they, nor I, can think of a good way to do this



Francis Turner
Threat STOP Global SE
JP Cell: +81-8080404701 | US Cell: +1-760-402-7676
Office: +1-760-542-1550 | Skype: francis.turner.threatstop
francis at threatstop.com<mailto:francis at threatstop.com> | www.threatstop.com<http://www.threatstop.com/>
Weaponize Your Threat Intelligence
"If You Don't Build It, They Definitely Will Not Come" - P. Vixie

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.redbarn.org/pipermail/dnsfirewalls/attachments/20220729/e0331cf4/attachment.htm>

More information about the DNSfirewalls mailing list