DNS-RPZ
DNS-RPZ
Author: Michael Hornung; Expeditors International of Washington, Inc.
License: AGPL-V3
Version: 1.0
Supported data types:
- thehive:case_artifact
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description
Add a dynamic DNS entry to a Response Policy Zone, blackholing or redirecting a FQDN.
Configuration
bind_server |
IP or FQDN of RPZ master BIND server |
Default value if not configured |
127.0.0.1 |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |
tsig_keyname |
Name of TSIG key to access BIND server |
Default value if not configured |
cortex. |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |
tsig_keyval |
TSIG key value to access BIND server |
Default value if not configured |
updateme |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |
tsig_hashalg |
TSIG hash algorithm to use |
Default value if not configured |
HMAC-SHA512 |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |
rpz_zonename |
Fully qualified RPZ zone name (don't forget the trailing dot) |
Default value if not configured |
rpz. |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |
remediation_ip |
IP to resolve RPZ names to |
Default value if not configured |
127.0.0.1 |
Type of the configuration item |
string |
The configuration item can contain multiple values |
False |
Is required |
True |