Atomicrbl

From Atomicorp Wiki
Revision as of 16:28, 26 November 2014 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Introduction

The Atomicorp RBLs are part of the Atomicorp Threat Intelligence system.

Local DNS mirror

Requesting Access

Access to the zones, for local DNS mirroring, is restricted. To request access, please send an email to support. We will need to know the IP address(es) of the systems that will be requesting access, and will ask you to sign an confidentiality agreement to access the zones.

Access is restricted to existing customers only.

Local Only Resolver

Software Installation

Note: These instructions are for Redhat and Centos based systems, please other operating systems contact your OS vendor for instructions for installing rbldnsd on your system, or if you need assistance from us please let us know and we'll put a quote together for your system.

Step 1)

yum -y install rbldnsd

Note: rbldnsd is not provided by Atomicorp.

Step 2) Configure rbldnsd

For a local resolver, all you need to do is add this single line to your /etc/sysconfig/rbldnsd file:

RBLDNSD="dsbl -u rbldnsd -b127.0.0.01/750 -a -v -f -c60 -r/home/rbldnsd/zones threat1.atomicrbl.com:ip4set:threat1.rbl atomicrbl.com:generic:atomicrbl.com threat2.atomicrbl.com:ip4set:threat2.rbl threat3.atomicrbl.com:ip4set:threat3.rbl threat4.atomicrbl.com:ip4set:threat4.rbl threat5.atomicrbl.com:ip4set:threat5.rbl test.atomicrbl.com:ip4set:test.atomicrbl.com"

By default, in Redhat and Centos, everything else should be commented out in this configuration file. If its not, comment it out, you will only need this line in that file.

Step 3) create the rbldnsd user

useradd rbldnsd

Step 4) create the zone directory

mkdir /home/rbldnsd/zones

Download the zones

Step 1) Request access


See the top of this document for access. Access to the zones, for local DNS mirroring, is restricted and is restricted to existing customers only.

Step 2) Use rsync to download the zones

Note: Do not run this more often than hourly at this time.

rsync -azv rsync.atomicrbl.com::atomicrbl/* /home/rbldnsd/zones

Note: Our zones are formated for rbldnsd, an fast and low memory footprint DNS server designed for RBLs.

Step 3) Start rbldnsd

/etc/init.d/rbldnsd start

Step 4) Configure your DNS server to forward to rbldnsd for atomicrbl.com

For bind, add this to your /etc/named.conf file:

zone "atomicrbl.com" {

       type forward;
       forward first;
       forwarders {
       127.0.0.1 port 750;
       };

};

Step 5) Restart named/bind

/etc/init.d/named restart

Step 6) Test resolution

nslookup 2.0.0.127.test.atomicrbl.com

If you have things setup correctly to use a local resolver on your system, you should see this:

Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
Name:	2.0.0.127.test.atomicrbl.com
Address: 127.0.0.1


Remote Resolver

Personal tools