Domain Block Lists

According to the McAfee Threat Report; 5 million new suspect URLs are discovered each month.

 

When you trial the Spamhaus Domain Block List for FREE for 30-days, you’ll have access to the most comprehensive list of malicious Domains allowing you to filter and protect you network from harmful sites.


Cybercrime gangs routinely create tens of thousands of new domains each day to be used in phishing Emails. Once end users click these links, they will be directed to infected sites. These sites will install ransomware, keyloggers, trojans or other forms of malware that will ultimately lead to financial theft or the compromise of personally sensitive data.

Updated every minute, the Spamhaus Domain Block List (DBL), contains information on hundreds of thousands of highly suspicious or outright malicious domains. Any Email server software capable of scanning message body contents for URIs can use the DBL to identify, classify or reject spam containing DBL-listed domains. The security subsets of the Spamhaus domain reputation data enable detection, rerouting (sinkhole) or blocking network connections to known bad domains. The DBL can also be used in log analysis to retroactively find infected or compromised hosts on a network.

Cybercrime gangs routinely create tens of thousands of new domains each day to be used in phishing emails. Once end users click these links, they will be directed to infected sites. These sites will install ransomware, keyloggers, trojans or other forms of malware that will ultimately lead to financial theft or the compromise of personally sensitive data.

DNS FIREWALL & RPZ DATA

“DNS RPZ provides a scalable, relatively low cost and effective mechanism for blocking malware and phishing on a corporate network where no existing layer 7 filtering mechanism is currently deployed.”

Source: SANS Institute Reading Room

Typical Usage scenarios for DNS Firewall using RPZ

Usage Scenarios:

  • Detect and quarantine suspect email messages
  • Monitor networks for infected machines
  • Prevent infected hosts from communicating stolen data to a botnet dropzone
  • Protect against infections by malware

DBL Technical specifications:

  • Lists bad domains (split between generic and malware)
  • Cloud query via DNS or local download (rsync) for large networks.
  • Built with spam trap, honeypot, sandbox and ISP production feedback data
  • 60 seconds publishing interval
  • Full API for advanced processing purposes
  • Slow Release version with extended data feed

Full specifications and deployment/usage scenarios are covered in detail here

The DBL feed is highly effective at protecting your network and its users from malware of many kinds including bots, spyware and other malicious attack vectors.

The DBL list will instantly eliminate phishing and malware and make your users feel safer. Contact us today to start your free trial.