coredns-mlbridge

module
v0.0.0-...-8c4d343 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 12, 2020 License: MIT

README

CoreDNS-MLBridge

GitHub issues GitHub license

GSoC Icon

This repository contains the plugin for connecting the CoreDNS server to a Machine Learning Environment for DNS request and response analysis, monitoring and alerting.

This can be modified to work for any other platform as well as language which does not have machine learning capabilities.

Installation

Clone the repository:

git clone https://github.com/mlbridge/coredns-mlbridge.git

Install Elasticsearch by following the instructions from this link. Start the Elasticsearch server.

To install and start CoreDNS please take a look at the CoreDNS repository. Add the mlbridge plugin to CoreDNS. To add external plugins, please take a look at the example plugin.

To add the plugin to a particular port say 1053, please make the changes to the Corefile as shown below:

.:1053 {
    mlplugin
}

MLBridge Plugin

The mlbridge plugin is a CoreDNS plugin that forwards requests to the mlbridge-middleware app via HTTP POST requests. Once the mlbridge-middleware app processes the request,it sends the prediction, whether the domain name is malicious or benign, back to the plugin. Depending on the nature of the domain name, the plugin can be configured to allow the request to fall through to the other plugins or send the request to a honeypot or a blackhole.

Directories

Path Synopsis
Package mlbridge implements a plugin
 Package mlbridge implements a plugin

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.