DNS Signature Lists

Reply
L3 Networker

DNS Signature Lists

Does anyone know any free External Dynamic Lists for DNS signatures to use in conjunction with the Palo DNS Signatures? We would like some extra protection for our anti-spyware protection.

L3 Networker

Re: DNS Signature Lists

Thanks, Otakar. These are all IP lists though. I was looking for something for DNS sinkholing or blocking requests for malicious domains.

L7 Applicator

Re: DNS Signature Lists

Hello,

Another thing to remember is that dns sinkholing is one of serveral defences that the PAN has. It also uses url filtering and I always recommend blocking the following categories:

 

command-and-control

dynamic-dns

malware

parked

phishing

unknown

 

Think of the sinkhole as your zero-day threat protection and the URL filter as the classic signature based approach.

 

Hope that helps.

L7 Applicator

Re: DNS Signature Lists

@DPoppleton,

malwaredomains.com hosts a relatively decent list but it's only available in a zip file to the best of my knowledge, so you would need to do some manual work on your end for that. Otherwise ZeuS hosts one HERE that's updated on a regular basis and can be fed directly to the firewall. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!