v11.1: DNS Blackhole with iRules

Back in October, I attended a Security B-Sides event in Jefferson City (review here). One of the presenters (@bethayoung) talked about poisoning the internal DNS intentionally for known purveyors of ...

Updated Mar 16, 2022

Version 2.0

Admin

Joined January 20, 2005

View Profile

JRahm

Admin

Joined January 20, 2005

View Profile

hooleylist

Cirrostratus

Dec 28, 2011

Nice iRule!

You could save a little bit of CPU time by changing the == to eq to do a string comparison without polymorphism:

if {!([DNS::question name] == ".")} {

if {!([DNS::question name] eq ".")} {

Aaron

v11.1: DNS Blackhole with iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS