Do you block "new" domain names?

Published: 2014-02-04
Last Updated: 2014-02-04 12:41:39 UTC
by Johannes Ullrich (Version: 1)
14 comment(s)

This is more a quick question then a full post: Many attacks use recently registered domain names. Do you block newly registered domain names (lets say for the first week)? What system do you use to do so? I am thinking about setting up a simple API to return a "days registered" for a domain name, but first want to see what else is out there.

Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: DNS
14 comment(s)
Diary Archives