|
|
|
|
|
|
by sathackr
3321 days ago
|
|
|
DNS blackholing is playing whack-a-mole. I can blackhole scontent.xx.fbcdn.net today, and I have no assurance or confidence that they won't use scontent.xx.fbcdn2.net tomorrow. DNS/FW whitelist is the only way to have even a little confidence that egress is controlled at this point. |
|
|