首页>
外国专利>
Selective sinkholing of malware domains by a security device via DNS poisoning
Selective sinkholing of malware domains by a security device via DNS poisoning
展开▼
机译:通过DNS中毒选择安全设备的恶意软件域的选择性散落
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques for selective sinkholing of malware domains by a security device via DNS poisoning are provided. In some embodiments, selective sinkholing of malware domains by a security device via DNS poisoning includes intercepting a DNS query for a network domain from a local DNS server at the security device, in which the network domain was determined to be a bad network domain and the bad network domain was determined to be associated with malware (e.g., a malware domain); and generating a DNS query response to the DNS query to send to the local DNS server, in which the DNS query response includes a designated sinkholed IP address for the bad network domain to facilitate identification of an infected host by the security device.
展开▼