https://vo.rs/tags/malware/Malware - Tag - vo.rsHugo -- gohugo.ioenThis work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.Sun, 09 Nov 2025 16:00:00 +0000https://vo.rs/story/dns-sinkholing-blocking-malware-domains-at-the-network-level/<p>Almost every nasty thing a compromised device does starts with a DNS lookup. Malware phones home, a phishing link resolves a lookalike domain, a tracker beacons to an analytics endpoint — all of it begins with &ldquo;what&rsquo;s the IP for <em>this</em>?&rdquo; Which makes DNS the single best chokepoint on your whole network. Block the name and the connection never happens; no firewall rule per IP, no deep packet inspection, no certificate gymnastics. That&rsquo;s DNS sinkholing, and on a home or small-business network it&rsquo;s the highest-leverage security control I run.</p>Sun, 09 Nov 2025 16:00:00 +0000