You are viewing a single thread.
View all comments
5 points

This sounds like a pain in the ass to maintain. Either you are trusting Microsoft to give you a whitelist of “good” domains or you have the IT department having to jump to action every time a user tries to connect to a new site. If you are just using it to track dns queries then you have to trust that the whole software suite of the organization is playing nice and not using any hard-coded IP addresses or doing any dns lookups in a bad way, which with custom legacy software, good luck.

Also, is this just a server change, or will all the client boxes have to be updated for this? That will be a pain in any network with a mix of OSes on it.

permalink
report
reply
1 point

It probably won’t be used in the majority of environments because it would be an administration nightmare.

permalink
report
parent
reply

Pulse of Truth

!pulse_of_truth@infosec.pub

Create post

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Community stats

  • 1.4K

    Monthly active users

  • 1.4K

    Posts

  • 1.1K

    Comments

Community moderators