Building DNS Firewalls with RPZ presented at Baythreat 2011

by Paul A. Vixie,

Tags: Security

Summary : A DNS Firewall can help you control what domain names, IP addresses, and name
servers are allowed to function on your network. You can build such a firewall
using DNS Response Policy Zones (RPZ), which is an open and vendor-neutral
standard for the interchange of DNS Firewall configuration information. DNS
RPZ is a standard feature of BIND9 as of 9.8.1, and is expected to be
supported by other (non-BIND) name servers soon. In this talk, Paul Vixie will
explain what a DNS firewall is and how to use DNS RPZ to create one for your
own network.