Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
Categories
There are no subcategories in this category.
1 Can I use DNS RPZ to set up redirection for a CDN via CNAME records?

We're often asked if DNS RPZ could be used to setup redirection to a CDN. For example if "mydomain.com" is a normal domain with SOA, NS, MX, TXT records etc,. If someone does a A or AAAA query for "mydomain.com" can we use DNS RPZ on an authoritative nameserver…

2 How do I create and maintain my DNS firewall policy rule set using DNS RPZ?

In a DNS RPZ firewall, the policy rule set is contained in a DNS "zone", which can be transferred using normal "zone transfer" mechanisms. The master copy of your DNS firewall policy can be a DNS "zone file" which you either edit by hand, or which you generate…

3 What are the features of the DNS RPZ firewall?

DNS RPZ is a form of DNS firewall in which the firewall rule sets are expressed within DNS itself in the form of a specially constructed DNS zone. DNS RPZ is an open vendor-neutral format for DNS firewall policy which allows a DNS server operator to maintain…

4 What can a DNS firewall do?

Firewalls work by applying a set of rules to a traffic flow, where each rule consists of a trigger and an action. Triggers determine which messages within the traffic flow will be handled specially, and actions determine what that special handling will be.…

5 Why use a DNS firewall?

Most modern electronic crime and network abuse relies on the Domain Name System (DNS), thus protection against these threats must include DNS firewalling. A DNS firewall can selectively intercept DNS resolution for known-malicious network assets including…