After you have followed the application steps under ‘Use this service’ on the Protective DNS service page and your application form has been submitted, a cyber security specialist will contact you to finalise your service implementation.
Test your service
Once a specialist has confirmed onboarding is complete, and as an ongoing activity, you can test your implementation to ensure your DNS is protected. The test will display a green shield if protective DNS is enabled, and a red shield if it is not, in which case you can contact the CDC Support Centre at service@citec.com.au for assistance.
Blacklist configuration
Protective DNS can be used to prevent resolution of malicious domain names, usually URLs, by implementing one or more blacklists so that instead of returning the correct response to a query, the DNS server returns an NXDOMAIN (name does not exist), effectively black-holing the malicious host name or domain name. It provides access to a curated list of suspect domains that will be blocked when accessed including; Command & Control, Distribution points, Phishing sites and Malware.
RPZ Blacklist receives threat feeds from (38) various sources of malicious hostnames. These include CITEC-generated, licensed and open source options such as Spamhaus, Auscert, Palo Alto, OpenPhish, AlienVault, URLHaus and many more that are continually being added.
The difference between ‘slaving the zone’ and using CITEC DNS
There are some threat feeds that the Protective DNS service is unable to permit access to slave from our DNS servers due to contractual obligations. When slaving the zone you will receive access to approximately 1.5 million records. When using the WoG Protective DNS service, you will have access to approximately 6-10 million records.
QLD Government agencies are able to slave the rpz.blacklist file (approximately 200MB in size) onto our own DNS servers from a CITEC DNS Server, or simply configure CITEC as their upstream DNS provider.
If you need support, contact the CITEC Service Desk via email at service@citec.com.au and your request will be assessed by a SOC Engineer.