Dnsfire: A proof-of-concept DNS-driven firewall enforcer

DNS Firewall is a solution that prevents users and systems from connecting to malicious services by filtering DNS queries – and not returning the IP addresses of known malicious services to the user. DNSFIRE solves the problem by either logging or completely blocking connections to IP addresses that were not resolved using a local, safe, and secure DNS service. Then you can e.g. add a rule to iptables to log traffic to addresses that were not resolved using the system resolver:

If your router has a CLI command to add and remove allowed IPs, use:

“%s” is replaced with the IP address to be added or deleted.
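The core check described above, as an added example that is not dnsfire's own code: build the set of addresses the trusted local resolver actually answered with, flag outbound connections to any other address, and expand a "%s" command template for each one. The resolver and connection log formats, and the sample lines, are constructed for the example (IPv4 only).

```python
"""Toy dnsfire-style enforcer: learn IPs from the local resolver's answers,
then flag connections to IPs that were never resolved and build enforcer
commands for them by substituting '%s' in a command template."""
import ipaddress
from typing import List, Set

# Constructed sample resolver log (assumed format): "<ts> <qname> A <ip>"
RESOLVER_LOG = """\
1700000000 example.com A 93.184.216.34
1700000001 updates.example.net A 203.0.113.10
1700000002 cdn.example.org A 198.51.100.7
"""

# Constructed sample connection log (assumed format): "<ts> <src> -> <dst>:<port>"
CONN_LOG = """\
1700000003 10.0.0.5 -> 93.184.216.34:443
1700000004 10.0.0.5 -> 192.0.2.77:443
1700000005 10.0.0.5 -> 198.51.100.7:80
1700000006 10.0.0.5 -> 192.0.2.77:8443
"""


def resolved_ips(log: str) -> Set[str]:
    """Collect every address the trusted local resolver handed out."""
    ips: Set[str] = set()
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[2] == "A":
            # ip_address() rejects junk and normalises the textual form
            ips.add(str(ipaddress.ip_address(parts[3])))
    return ips


def unresolved_connections(conn_log: str, allowed: Set[str]) -> List[str]:
    """Destination IPs contacted without a prior local DNS answer, deduplicated, in first-seen order."""
    flagged: List[str] = []
    for line in conn_log.splitlines():
        dst = line.split("->")[1].strip().rsplit(":", 1)[0]  # strip the port
        if dst not in allowed and dst not in flagged:
            flagged.append(dst)
    return flagged


def enforcer_commands(template: str, ips: List[str]) -> List[str]:
    """Expand a router/iptables command template, replacing '%s' with each IP."""
    return [template.replace("%s", ip) for ip in ips]
```

Feeding the flagged list to a LOG rule template (e.g. `iptables -A OUTPUT -d %s -j LOG --log-prefix 'dnsfire: '`) gives the logging mode; a DROP or router deny template gives the blocking mode.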

Source: github.com