DGA Attack mitigation
Mahdi Adnan
mahdi.adnan at outlook.com
Mon Apr 9 18:18:27 UTC 2018
It's no easy to block my clients and ask them to clean up their machines.
They will switch to another service instead of cleaning.
--
Respectfully
Mahdi A. Mahdi
________________________________
From: Rainer Duffner <rainer at ultra-secure.de>
Sent: Monday, April 9, 2018 9:12 PM
To: Mahdi Adnan
Cc: unbound-users at unbound.net
Subject: Re: DGA Attack mitigation
Am 09.04.2018 um 20:04 schrieb Mahdi Adnan via Unbound-users <unbound-users at unbound.net<mailto:unbound-users at unbound.net>>:
Im running 20 Unbound servers and around 20% of response are NXDOMAIN, for queries coming from my clients.
Block those IPs that are obviously p4wned until they clean up their PCs?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20180409/1fe9cd57/attachment.htm>
More information about the Unbound-users
mailing list