Blocking DNS malware with Perl and BIND

This evening at Sydney-PM, Nick Urbanik gave an excellent presentation about his work at a large, well-known Australian Internet provider on automatically blocking malicious DNS requests on BIND-based resolution servers.

His method uses Perl, inotify and BIND.

If you have customers or external IPs making requests that generate huge numbers of SERVFAILs, his work will discover and block these requests, which seem to simply waste CPU time on servers.

He has detailed his work and published his code at his personal website.
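To illustrate the discovery step described above, here is an added example (not Nick Urbanik's code, which is on his site) that tallies SERVFAIL failures per client from BIND `query-errors` log lines and prints an ACL of clients at or above a threshold. The log lines are constructed, and the threshold, the function names and the ACL name `servfail-abusers` are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed threshold: SERVFAILs per client in the sample before it is listed.
my $THRESHOLD = 3;

# Constructed sample lines in the shape of BIND's query-errors log category
# (older and newer client formats); all addresses are documentation ranges.
my @sample = (
    '01-Jan-2024 10:00:01.101 query-errors: info: client 192.0.2.10#40001: query failed (SERVFAIL) for a1.example.net/IN/A at query.c:1234',
    '01-Jan-2024 10:00:01.214 query-errors: info: client 192.0.2.10#40002: query failed (SERVFAIL) for a2.example.net/IN/A at query.c:1234',
    '01-Jan-2024 10:00:01.377 query-errors: info: client @0x7f00 192.0.2.10#40003 (a3.example.net): query failed (SERVFAIL) for a3.example.net/IN/A at query.c:1234',
    '01-Jan-2024 10:00:02.050 query-errors: info: client 198.51.100.7#5353: query failed (SERVFAIL) for www.example.org/IN/AAAA at query.c:1234',
    '01-Jan-2024 10:00:02.400 query-errors: info: client 2001:db8::53#41000: query failed (SERVFAIL) for www.example.org/IN/A at query.c:1234',
    '01-Jan-2024 10:00:03.000 query-errors: info: client 203.0.113.9#6000: query failed (REFUSED) for www.example.com/IN/A at query.c:1234',
);

# Return a hash ref of client address => number of SERVFAIL failures logged.
sub servfails_by_client {
    my %count;
    for my $line (@_) {
        # Optional "@0x... " pointer and " (qname)" appear in newer BIND logs.
        next unless $line =~
            /client (?:\@0x[0-9a-f]+ )?([0-9A-Fa-f.:]+)#\d+[^:]*: query failed \(SERVFAIL\)/;
        $count{$1}++;
    }
    return \%count;
}

# Build a named.conf ACL of clients at or above the threshold; the ACL can
# then be referenced from the "blackhole" option to drop their queries.
sub acl_for {
    my ($count, $threshold) = @_;
    my @bad = grep { $count->{$_} >= $threshold } sort keys %$count;
    return '' unless @bad;
    return join '', "acl \"servfail-abusers\" {\n",
                    (map { "    $_;\n" } @bad), "};\n";
}

my $count = servfails_by_client(@sample);
printf "%-16s %d\n", $_, $count->{$_} for sort keys %$count;
print acl_for($count, $THRESHOLD);
```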

