You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
similar to the other DNS analyzers.
If does filter some malicious domains so we should create 2 different analyzers based on what kind of filters we want to have
Why should we use it
free to use
Possible implementation
2 analyzers:
Classic plain DNS queries to 156.154.70.2 (backup 156.154.71.2) for the analyzer UltraDNS_Malicious_Detector. In case of blocked DNS requests, it sinkholes to 156.154.112.16 and `156.154.113.16 which are Neustar owned. I am not sure it would always sinkhole there so I guess we should be broader and consider all the netrage 156.154.112.0/23 as it is the sinkhole. (maybe we add an alert to notify when a different IP address is uses in that range)
Classic plain DNS queries to 64.6.64.6 (backup 64.6.65.6) for the analyzer UltraDNS
The text was updated successfully, but these errors were encountered:
Name
UltraDNS
Link
https://www.publicdns.neustar/
Type of analyzer
similar to the other DNS analyzers.
If does filter some malicious domains so we should create 2 different analyzers based on what kind of filters we want to have
Why should we use it
free to use
Possible implementation
2 analyzers:
The text was updated successfully, but these errors were encountered: