DNS to get site reputation element to block malicious domains

Posted on Saturday, August 14 2010 @ 9:20 CEST by Thomas De Maesschalck
ExtremeTech reports the Internet Systems Consortium (ISC) has added a new element to the DNS system that enables servers to share reputation data in order to block malicious websites:
[ISC president Paul] Vixie notes in his announcement of the development, which was first introduced at Black Hat and Defcon, that most new Internet domain names are malicious. He appears to consider those created by speculators to be in the "malicious" category, which is debatable, but surely the number of malicious domains is very large.

ISC has added a new element to BIND: Response Policy Zones (DNS RPZ). Vixie:

"The subscribing agent in this case is a recursive DNS server... If your recursive DNS server has a policy rule which forbids certain domain names from being resolvable, then they will not resolve. And, it's possible to either create and maintain these rules locally, or, import them from a reputation provider." Essentially, they have ported the concept of RBLs from SMTP servers over to DNS servers.
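How a recursive resolver could apply such policy rules, as an added example that is not from the article, ISC or BIND's source: it parses a small policy zone and decides what to answer for a query name. The zone contents and every domain in it are constructed sample data, and the matcher is a simplification that covers only name-based rules with CNAME-encoded actions.

```python
# Added illustration: simplified RPZ name-rule evaluation, not BIND's implementation.
# Constructed sample policy zone; owner names are relative to the policy zone origin.
RPZ_ZONE = """\
; owner                      type   target
malware.example.com          CNAME  .              ; answer NXDOMAIN
*.malware.example.com        CNAME  .              ; same for every subdomain
tracker.example.org          CNAME  *.             ; answer NODATA
safe.malware.example.com     CNAME  rpz-passthru.  ; local exception, resolve normally
parked.example.info          CNAME  walled-garden.example.net.
"""

# Special CNAME targets that encode a policy action instead of a redirect.
ACTIONS = {".": "NXDOMAIN", "*.": "NODATA", "rpz-passthru.": "PASSTHRU"}


def parse_rpz(text):
    """Return {owner: action} for the CNAME-encoded rules in a policy zone."""
    rules = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, split columns
        if len(fields) != 3 or fields[1].upper() != "CNAME":
            continue
        owner, _, target = fields
        owner = owner.lower().rstrip(".")
        rules[owner] = ACTIONS.get(target, "REDIRECT " + target.lower())
    return rules


def evaluate(qname, rules):
    """Policy action for a query name, or None when no rule applies."""
    labels = qname.lower().rstrip(".").split(".")
    exact = ".".join(labels)
    if exact in rules:  # an exact rule wins over any wildcard
        return rules[exact]
    # Wildcards cover subdomains only; try the closest enclosing one first.
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in rules:
            return rules[wildcard]
    return None


RULES = parse_rpz(RPZ_ZONE)
if __name__ == "__main__":
    for name in ("malware.example.com", "cdn.malware.example.com",
                 "safe.malware.example.com", "www.example.com"):
        print(name, "->", evaluate(name, RULES) or "resolve normally")
```

The exact-match exception shows why rule precedence matters when a locally maintained list is combined with one imported from a reputation provider.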




