SonicOS 7.1 DNS Security

Configuring DNS Sinkhole Service

A DNS sinkhole also known as a sinkhole server, Internet sinkhole, or Blackhole DNS — is a DNS server that gives out false information to prevent the use of the domain names it represents. DNS sinkholes are effective at detecting and blocking malicious traffic, and used to combat bots and other unwanted traffic.

SonicOS provides the ability to configure a sinkhole with black and white lists.

To configure DNS Sinkhole settings

  1. Navigate to POLICY | DNS Security > Settings.
  2. Hover over to the DNS Sinkhole Service tab.
  3. Select Enable DNS Sinkhole Service under the Settings tab. This option is not selected by default.
  4. Click the Global Settings tab. Enable the option Enable White List.
  5. From the Action drop-down menu, select what the service should do:
    • Dropping with Logs
    • Dropping with Negative DNS reply to Source
    • Dropping with DNS reply of Forged IP
  6. Ensure the IPv4 address and IPv6 address, Current Detection, and Malicious Domain in the fields.
  7. Click Accept.

To configure Custom Malicious Domain Name List

  1. Navigate to POLICY | DNS Security > Settings.
  2. Hover over to the DNS Sinkhole Service tab.
  3. Click the Custom Malicious Domain Name tab.
  4. For each domain name you want to add as a malicious domain name:
    1. Click +Add. The Add One Domain Name dialog displays.
    2. Enter the malicious domain name in the Domain Name field.
    3. Click Save.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden