-
-
Notifications
You must be signed in to change notification settings - Fork 395
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[request] identify blocklist for sinkhole domains #34
Comments
Thanks for the suggestion. The block lists are all merged into one in memory and there is no indication of which block list a domain name belongs. And there are domain names which are in multiple lists. This makes it difficult but not impossible. DNS Client tab is just a client that is not linked to the DNS Server in anyway. It can just query a given name server and display its response. I am wondering how this information would really be useful. |
Perhaps an option then, so that the DNS Client tab could be used to poll the individual sources instead of the collective data. As an example, I attempted to check for updates to various software today including TeamViewer and CDBurnerXP as well as several other applications. Both (and others) were blocked by the EMD list (hosts-file.net/emd.txt) as "malware." If nothing else, this helps me to determine that the quality of that list (and likely others from that source) is wanting, and I should probably stop using it. Likewise, the Technet Scripting Gallery is being blocked by their "fraud" list (FSA). For now I've whitelisted the domain names and will check the blocked domains more often to identify issues. The problem is that In order to identify which list was causing it (since neither of these two apps could be considered malware) I had to download the 13 lists I subscribed to into individual files and search them with find. It would have saved me quite a bit of time to be able to identify which lists were responsible directly from the DNS Client tab. Now I have a process in place to resolve this type of issue myself, but it would be better for others who come after me to be able to resolve these issues without having to resort to the same method. |
That seems to be useful from your description. I could add something like a TXT record in the blocked zone which would contain the block list url the domain was in. And then you could use the DNS Client to query TXT record and get all the block lists it was included in. This could be used by any DNS client on the network. |
That would be perfect. |
Using 2.3.1
It would be great if there were a way to identify which blocklist(s) were responsible for sinkholing a domain I'm getting "0.0.0.0" for. This information would be ideal within the DNS Client tab.
The text was updated successfully, but these errors were encountered: