Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't factor out dynamic DNS providers #6

Open
9b opened this issue Mar 6, 2017 · 2 comments
Open

Don't factor out dynamic DNS providers #6

9b opened this issue Mar 6, 2017 · 2 comments
Assignees
@9b
Labels
enhancement

Comments

@9b
Copy link
Collaborator

9b commented Mar 6, 2017

When sending indicators into Blockade cloud nodes, we prune out likely good sources using Alexa and other lists. Due to popularity, dynamic DNS providers are likely to exist in these lists and will mean they are removed from being sent to the node. This causes issues as many malware samples will use dynamic DNS.
@9b 9b added the enhancement label Mar 6, 2017
@9b 9b self-assigned this Mar 6, 2017
@villain
Copy link

villain commented Mar 10, 2017

perhaps leave the dynamic DNS providers in the list, but add an override/ignore option to force the indicators to be sent

@9b
Copy link
Collaborator Author

9b commented Mar 12, 2017

Going with that concept and will apply it for incoming descriptions as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@9b 9b

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@9b @villain