DNS is a control plane of the Internet
No more ads, no more malware and more privacy if you own your DNS and enable DNS Security.
Free DNS Firewall (RPZ) feeds for
ioc2rpz community partnered with Bfore.Ai to introduce a new threat feed and make the whole world a bit more safe and secure.
Bfore.Ai is the first predictive threat feed in the market, the patented AI technology combined with hyperscale observation infrastructure predicts malicious domain names as their behaviour changes well before any other security solution or threat intelligence.
bforeai.ioc2rpz community feed includes malicious domains with the highest confidence score (less than 0.5% false positives) and up to 6 months of data. The community feed is degraded by a variable delay between 2 and 4 weeks (after the initial prediction).
A live Bfore.Ai feed with more than 7M indicators and no time-limit is available commercially and it also includes benign domains for whitelisting, if you would like to trial it feel free to contact (https://bfore.ai) directly. Bfore.Ai feeds are available via API and ioc2rpz can help you to convert it to a DNS Firewall feed.
ioc2rpz community is a portal which provides free of charge DNS Firewall (or Response Policy Zone) feeds. The DNS Firewall feeds are based on publicly available threat intelligence(TI). The TI feeds are maintained by 3rd party communities or companies and only a limited number of indicatores were whitelisted. We are not validating the TI feeds on false positives.
DNS Firewall feeds provided "as-is". They may contain false positives.
If you have any questions, comments, proposals or want to provide any feedback please contact us.
DNS Firewall or DNS Response Policy Zones is a DNS server feature that allows to overlay custom information on top of the global DNS to provide alternate responses to DNS queries.
The prime motivation for creating this feature was to protect users from badness on the Internet related to known-malicious global identifiers such as host names, domain names, IP addresses, or nameservers.
Criminals tend to keep using the same identifiers until they are taken away from them. Unfortunately, the Internet security industry's ability to take down criminal infrastructure at domain registries, hosting providers or ISPs is not timely enough to be effective.
Using DNS Firewall, a network or DNS administrator can implement their own protection policies base based on reputation feeds from security service providers on a near-real-time basis.
More information available at dnsrpz.info