NXDOMAIN data leakage prevention

Chris Public2 at xymox1.com
Mon Oct 1 11:03:47 UTC 2018

I was reading a disturbing article on ways that DNS can be used to get 
data past firewalls and for malicious programs to communicate with a 
command and control center via DNS NXDOMAIN.

Right off hand I dont see a way to block this ? Looking at my NXDOMAIN 
lookups its quite pervasive and coming from a large number of sources. 
Its clearly being used by A LOT of people.

Is there a way I can use Unbound to mitigate this threat ? This is a 
serious issue because i don't see how to block this.


More information about the Unbound-users mailing list