Do you block "new" domain names?
This is more a quick question then a full post: Many attacks use recently registered domain names. Do you block newly registered domain names (lets say for the first week)? What system do you use to do so? I am thinking about setting up a simple API to return a "days registered" for a domain name, but first want to see what else is out there.
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Keywords: DNS
14 comment(s)
×
Diary Archives