{"id":2940,"date":"2010-09-01T09:40:54","date_gmt":"2010-09-01T08:40:54","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2940"},"modified":"2010-09-01T09:40:54","modified_gmt":"2010-09-01T08:40:54","slug":"windows-powershell-dns-server-blackhole-tool-blacklist-domains","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/09\/windows-powershell-dns-server-blackhole-tool-blacklist-domains\/","title":{"rendered":"Windows PowerShell DNS Server Blackhole Tool – Blacklist Domains"},"content":{"rendered":"

This is a Windows PowerShell Script to help you with blacklisting domains you wish to block in your networks.<\/p>\n

We have written about PowerShell<\/a> before; it can make the Windows shell a lot more flexible.<\/p>\n

On the external DNS servers you can create primary zones for the domain names and FQDNs you do not want your users to resolve correctly. These DNS zones will all return an incorrect IP address, such as \u201c0.0.0.0\u201d or the address of an internal server, not the real address. Because the organization\u2019s internal DNS servers are configured to forward their requests to these external DNS servers in the DMZ, the internal DNS servers will cache these incorrect addresses too when the external DNS servers respond. So, when an internal client tries to resolve an unwanted DNS name, it will receive a response, but the IP address returned will be incorrect. Because an IP address of \u201c0.0.0.0\u201d is unreachable, these unwanted zones created on the external DNS servers are said to be \u201cblackholed\u201d, \u201cblacklisted\u201d or \u201cblocklisted\u201d.<\/p>\n

What to block? You can obtain lists of FQDNs and domain names to blackhole for free. Some lists are only for malware, others might be just for pornography, but be aware that they are never 100% complete or accurate (you get what you pay for, so don\u2019t be surprised to find gaps and a small number of false positives).<\/p>\n

Some of the more popular blackhole lists include (in no particular order):<\/p>\n

www.MalwareDomains.com<\/a>
\n
www.Malware.com.br<\/a>
\n
www.MalwareDomainList.com<\/a>
\n
www.MalwareURL.com<\/a>
\n
www.SomeoneWhoCares.org<\/a>
\n
mtc.sri.com<\/a>
\n
www.MVPs.org<\/a>
\n
www.UrlBlacklist.com<\/a> (not free)<\/p>\n

From sites like the above you can download lists of FQDNs and simple domain names which can be fed into the PowerShell script for this article in order to create blackhole zones on Windows DNS servers. If you have DNS servers running BIND, perhaps on Linux or BSD, then the sites above will also help you import blackhole domains on those DNS servers (scripts for blackholing on BIND are common).<\/p>\n

Requirements<\/strong><\/p>\n

To use the PowerShell DNS blackhole script, you must:<\/p>\n