Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.

Trending News

Gary Player's son Wayne stands behind him during opening ceremonies at last week's Masters. (AP)

Gary Player's son apparently banned from Masters

Kanye West and Kim Kardashian. (Kevin Mazur/Getty Images)

Kanye West responds to Kim K.'s divorce filing

Yankees outfielder Aaron Hicks. (Julio Aguilar/Getty Images)

Hicks, like so many Black Americans, needed a break

Prince Harry looks just like Prince Philip in 1957 photo

Suspect taken into custody in Kristin Smart case: Report

How could the police have mistaken a gun for a Taser?

Veteran Minn. officer who killed Daunte Wright quits

Disinformation on Fox News was 'no accident': Court brief

Person prepares a vaccine vial. (Getty Images)

How serious is the J&J vaccine risk? Experts explain

Julian Edelman doesn't warrant a Hall of Fame conversation, much less enshrinement. (Maddie Meyer/Getty Images)

Debating Edelman's Hall of Fame case is a waste of time

A protester confronts reporter Sara Sidner. (CNN)

Minnesota protester confronts CNN reporter

More trending news?Visit Yahoo Home

Promoted

drumrb0y

Lv 5

drumrb0y asked in Computers & Internet Security · 1 decade ago

Cisco PIX: Access-list blocking by domain name vs. IP?

This is a simple one, so I'm hoping for a quick reply.

I currently block malicious domains by manually resolving them and blocking the IP address on the inside (outbound) access-list in the PIX 535; is it possible to configure an access-list to auto-resolve DNS and block by domain name, or would this be too slow of a process for an access-list to accomplish?

Thanks

2 Answers

Relevance

Anonymous
1 decade ago
Favorite Answer
This cannot be done on the Pix via an ACL. You would need some sort of third party server for the resolution and updates.
ritzer
Lv 4
5 years ago
The ACL seems effective to me, are you confident it truly is the placement? Are your NAT's set up properly as an instance? Or is there an ACL on the outdoors interface perhaps? Or a default route lacking probably? The ACL as you've presented it kind of feels effective to me.

Still have questions? Get your answers by asking now.