Forum Discussion
Security parameters tightening on F5 DNS level
Hi Experts,
Could you please confirm if all the below points achievable and kinlyd share the configuration article. Thanks.
All unknown queries should be rejected/dropped. | This is often called black-holing requests so that queries for non-existent subdomains get dropped, a null response, or redirected to a sinkhole IP. |
All queries with an excessive number of subdomains should be rejected/dropped. | This is another method to reduce impact from queries for non-existent subdomains. |
All queries with randomized case should be rejected/dropped. | While subdomains, domains, TLDs are not case sensitive, we recommend accepting only queries that are all lower case, all upper case, or first letter upper case with the rest lower case. This will prevent wasting resources on randomized case queries that are not generated by humans. |
Block source upon reaching certain threshold for rejected/dropped unknown queries | All sources reaching a certain threshold of rejected/dropped unknown queries should be blocked for a specific time interval that increases with each new block. |
- adeelshahzad
Nimbostratus
Hi Aswin,
Thank you for the response, could you confirm the other points as well. Really appreciated. Thanks.
With iRules pretty much everything is possible, it will require some experience and effort to create those iRules though. I don't believe everything can be done with build in features.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com