How to drop DNS requests for banned sites?

golly_wog
Level 1

Hi

I'm looking to create a number of signatures to drop DNS requests for banned sites. The only way I've successfully implemented this is by creating a signature (String UDP) to drop any UDP/53 traffic containing the regex string of the banned site.

I would like clarification from any experts to verify that this is the only way of achieving this. I know that there's a Service DNS Engine, but I can't seem to specify the FQDN within this. I'm not sure if I'm missing something?

Many thanks

1 Accepted Solution

rhermes
Level 7

You're on the right track. A custom UDP signature is the only way you'll find the requests you want to drop.

The DNS engine does not allow for custom string matches.

- Bob
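
An added illustration, not part of the thread and not Cisco signature syntax: on the wire a DNS query carries the name as length-prefixed labels rather than as a dotted string, so a string match on UDP/53 has to target that encoding. The Python below builds such a pattern and checks it against constructed queries; `banned.example` and all function names are assumptions made for the example.

```python
import re
import struct

def qname_wire(fqdn: str) -> bytes:
    """Encode an FQDN as DNS labels: one length byte, then the label bytes."""
    out = b""
    for label in fqdn.strip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out

def banned_pattern(fqdn: str):
    """Regex over the raw UDP payload for the name and any subdomain of it.

    The trailing root label (\\x00) anchors the end of the name, so
    banned.example.org does not match. IGNORECASE covers mixed-case queries;
    length bytes are 1..63 and never collide with ASCII letters.
    """
    return re.compile(re.escape(qname_wire(fqdn)) + b"\\x00", re.IGNORECASE)

def build_query(fqdn: str, txid: int = 0x1234) -> bytes:
    """Constructed sample: minimal DNS query (header plus one A/IN question)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname_wire(fqdn) + b"\x00" + struct.pack("!HH", 1, 1)

def is_banned(payload: bytes, patterns) -> bool:
    """True if a UDP/53 payload is a query whose name matches a banned pattern."""
    # Skip truncated packets and responses (QR bit set in the flags field).
    if len(payload) < 12 or payload[2] & 0x80:
        return False
    # Start after the 12-byte header so header bytes cannot match by accident.
    return any(p.search(payload, 12) for p in patterns)

if __name__ == "__main__":
    patterns = [banned_pattern("banned.example")]  # constructed ban list
    for name in ("www.banned.example", "WwW.BaNnEd.ExAmPlE",
                 "notbanned.example", "banned.example.org"):
        payload = build_query(name)
        # The dotted form never appears in the packet, only the label form.
        print(name, is_banned(payload, patterns), b"banned.example" in payload)
```
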
