Avoid Phishing using DNS
sysadmin
sysadmin at mrgnetwork.com.br
Sun Jan 25 08:10:44 EST 2009
Hi Alexander,
Sorry the late reply, I miss some mails.
> Bah, you beat me to it. I keep meaning to put together my documentation
> on how I'm using MaraDNS with MalwareDomains[1] to automate building the
> zone file, making sure it's safe, and adding a few extras.
>
Sorry about that :)
> To remove the issue of false positives (and users grumbling), I include
> TXT fields in the zone file I create for each entry so that the page
> they get redirected to also lists why it's blocked; also means I can use
> a DNS query to see quickly why something is blacklisted.
>
> The page they get redirected to is an Apache webserver with mod_proxy,
> if the user accepts the 'risk', a cookie is set between the client and
> the web server that tells mod_proxy to permit the request to go through
> without being blocked; on a per session basis.
>
> Since deployment I have heard not a single complaint and it is a
> completely zero maintenance tool. If anyone is interested, I'll put
> together a webpage with everything you need to put together your own.
>
Sounds great!! I have interested in your setup. Can you share the material ?
Regards,
Marlon
More information about the list
mailing list