InfoSec News

Those using the DNS Sinkhole ISO that I have made available on the Whitehats.ca site can now download the most current version of sinkhole_parser.sh script between new ISO releases. The script contains new lists that were not part of the 7 July 2011 release. The script is available on the handler's server here with the MD5 here.
DNS Sinkhole using your own BIND Server
I have posted all the necessary scripts use in the ISO if you want to use your own BIND setup. The tarball is available here with the MD5 here. Follow the instructions posted on this page to get started.

[1] http://handlers.dshield.org/gbruneau/

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Internet Storm Center Infocon Status