How to block DoH with BlueCat’s new threat feed option

DNS over HTTPS (DoH) is a method of encrypting DNS queries that has gained a lot of traction recently. In February 2020, DoH was added as a default setting in the Firefox browser. Now ordinary users are jumping on the bandwagon: when everyone started working from home, we noticed a 1500% increase in DoH domain queries across our customer base. That dramatic surge in DoH usage continues to this day.
Opinions vary on the benefits of DoH, but one thing’s for sure: it reduces network and security administrators’ visibility into DNS queries to zero. If you’re charged with protecting a corporate network, you’re probably going to want to prevent users from accessing DoH services across the enterprise.
If you’re using a centralized DNS management platform like BlueCat, it’s easy to block DoH by adding known DoH resolvers to a response policy zone (RPZ).  The longer-term challenge is adding any new DoH services that appear in the future to that block list.
So we decided to make it easy by creating a new threat feed specifically for known DoH resolvers.  To disable DoH across the enterprise, all you have to do is enable this threat feed in either DNS Edge or DNS Integrity, and you’ll be all set.  We’ll keep an eye out for any new DoH resolvers and add them to the threat feed, keeping you covered even as DoH usage evolves.
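As an added example (not BlueCat's code and not its feed), the manual approach described above, adding known DoH resolvers to an RPZ, can be scripted. This Python script generates a standard RPZ zone file in which `CNAME .` returns NXDOMAIN; the resolver list is a small constructed sample and the zone name `rpz-doh.example.` is a placeholder.

```python
"""Build an RPZ zone that returns NXDOMAIN for known DoH resolver hostnames."""

# Constructed sample of public DoH resolver hostnames; this is NOT BlueCat's feed.
DOH_RESOLVERS = [
    "dns.google",
    "cloudflare-dns.com",
    "dns.quad9.net",
    "DNS.Google.",  # same name in another form, to exercise normalisation
]


def normalize(name):
    """Lower-case a hostname, drop the trailing dot, and validate label lengths."""
    name = name.strip().lower().rstrip(".")
    labels = name.split(".")
    if not name or len(name) > 253 or any(not l or len(l) > 63 for l in labels):
        raise ValueError(f"invalid hostname: {name!r}")
    return name


def build_rpz(names, origin="rpz-doh.example.", serial=1):
    """Return zone-file text; origin is a placeholder zone name (assumption)."""
    uniq = sorted({normalize(n) for n in names})
    lines = [
        f"$ORIGIN {origin}",
        "$TTL 300",
        f"@ IN SOA localhost. hostmaster.localhost. ({serial} 3600 600 86400 300)",
        "@ IN NS localhost.",
    ]
    for n in uniq:
        lines.append(f"{n} IN CNAME .")    # RPZ action NXDOMAIN for the name itself
        lines.append(f"*.{n} IN CNAME .")  # and for every subdomain of it
    return "\n".join(lines) + "\n"


def is_blocked(qname, names):
    """True if qname equals a listed name or is a subdomain of one."""
    blocked = {normalize(n) for n in names}
    labels = normalize(qname).split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


if __name__ == "__main__":
    print(build_rpz(DOH_RESOLVERS, serial=2020060101))
```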
How to deploy the DoH threat feed in DNS Integrity

1. Log in to BlueCat Address Manager.
2. Select the DNS tab. Tabs remember the page you last worked on, so select the tab again to ensure you’re on the configuration information page.
3. Under DNS Views, click a DNS View, then the Response Policy Zones sub tab.
4. Under Response Policy Zones, click New and select Response Policy Zone.
5. Under General, add the name of the response policy zone.
6. Under Type, select the “BlueCat Threat Protection DoH Public Servers” option and apply other deployment parameters as desired.
7. Click update.

How to deploy the DoH threat feed in DNS Edge

1. Log in to the DNS Edge user interface.
2. In the top navigation bar, select Policies.
3. Select an existing policy that uses the BlueCat Threat Protection domain list, and click Edit.
4. Select the BlueCat Threat Protection DoH Public Servers option.
5. Click save and apply.

Our care portal contains more information about DoH threat feed options, including detailed technical notes.
Learn more about the pros and cons of DoH in a webinar with BlueCat’s Chief Strategy Officer Andrew Wertkin.
