https://live.paloaltonetworks.com/t5/general-topics/dynamic-dns-url-redirect-control/m-p/46982#M34530 <HTML><HEAD></HEAD><BODY><P>Assuming the URL is known to be malicious, you could implement DNS Sinkholing:</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-6220">How to Configure DNS Sinkholing on PAN-OS 6.0</A></P><P></P><P>An alternative is to set an action of 'block' on your DNS Signature under your Anti-spyware profile.</P><P></P><P>I (personally) also like to configure my DNS server to point to OpenDNS servers and add an extra layer of protection (you can get an account with them, they will tie your public IP to the source of the DNS queries and filter those against their database). That means that you will be covered with both PAN-DB and OpenDNS databases for DNS queries.</P><P></P><P>Hope that helps,</P><P>Mariano.</P></BODY></HTML> Tue, 05 Aug 2014 23:59:41 GMT mivaldi 2014-08-05T23:59:41Z https://live.paloaltonetworks.com/t5/general-topics/dynamic-dns-url-redirect-control/m-p/46981#M34529 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P>Most of the "Dynamic DNS" sites are categorized as <STRONG style="color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 14px;">Computer and Internet Info (PANDB)</STRONG>.&nbsp; On occasion a device will get infected because of a Dynamic DNS redirect to a malicious site.&nbsp; The initial URL connection is through one of the DDNS sites.&nbsp; Because we allow "Computer and Internet Info", the connection is allowed to the final (malicious) destination.&nbsp; Besides hunting down every DDNS service and creating a custom URL block list - are there any solutions to better control these redirects? Thanks!</P><P></P><P>Cheers,</P><P></P><P>Mike</P></BODY></HTML> Fri, 01 Aug 2014 19:49:53 GMT https://live.paloaltonetworks.com/t5/general-topics/dynamic-dns-url-redirect-control/m-p/46981#M34529 MGoodnow 2014-08-01T19:49:53Z https://live.paloaltonetworks.com/t5/general-topics/dynamic-dns-url-redirect-control/m-p/46982#M34530 <HTML><HEAD></HEAD><BODY><P>Assuming the URL is known to be malicious, you could implement DNS Sinkholing:</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-6220">How to Configure DNS Sinkholing on PAN-OS 6.0</A></P><P></P><P>An alternative is to set an action of 'block' on your DNS Signature under your Anti-spyware profile.</P><P></P><P>I (personally) also like to configure my DNS server to point to OpenDNS servers and add an extra layer of protection (you can get an account with them, they will tie your public IP to the source of the DNS queries and filter those against their database). That means that you will be covered with both PAN-DB and OpenDNS databases for DNS queries.</P><P></P><P>Hope that helps,</P><P>Mariano.</P></BODY></HTML> Tue, 05 Aug 2014 23:59:41 GMT https://live.paloaltonetworks.com/t5/general-topics/dynamic-dns-url-redirect-control/m-p/46982#M34530 mivaldi 2014-08-05T23:59:41Z