DGA Attack mitigation

Mahdi Adnan mahdi.adnan at outlook.com
Mon Apr 9 18:18:27 UTC 2018

It's no easy to block my clients and ask them to clean up their machines.
They will switch to another service instead of cleaning.


Mahdi A. Mahdi

From: Rainer Duffner <rainer at ultra-secure.de>
Sent: Monday, April 9, 2018 9:12 PM
To: Mahdi Adnan
Cc: unbound-users at unbound.net
Subject: Re: DGA Attack mitigation

Am 09.04.2018 um 20:04 schrieb Mahdi Adnan via Unbound-users <unbound-users at unbound.net<mailto:unbound-users at unbound.net>>:

Im running 20 Unbound servers and around 20% of response are NXDOMAIN, for queries coming from my clients.

Block those IPs that are obviously p4wned until they clean up their PCs?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20180409/1fe9cd57/attachment.htm>

More information about the Unbound-users mailing list