v11.1: DNS Blackhole with iRules

Back in October, I attended a Security B-Sides event in Jefferson City (review here). One of the presenters (@bethayoung) talked about poisoning the internal DNS intentionally for known purveyors of ...
Updated Mar 16, 2022
Version 2.0
adn
application delivery
BIG-IP
dev
devops
dns
iRules
management
news
tech tip
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Mar 02, 2016
Hi Jason, we had a discussion on the board where a peer has complained about performance problems using this iRule and I've tried to optimize his code. (Link: https://devcentral.f5.com/s/feed/0D51T00006n6oY4SAI) Could you provide additional datails why the enforcement of the $Blackhole_Match happens in the DNS_RESPONSE event and not directly in the DNS_REQUEST event? Cheers, Kai