Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A DNS sinkhole returns controlled responses for malicious domains, blocking command-and-control and malware callbacks while revealing infected hosts.
DNS Sinkhole Definition: A DNS sinkhole returns controlled responses for malicious domains, blocking command-and-control and malware callbacks while revealing infected hosts.
A DNS sinkhole is a defensive technique in which a DNS server is configured to return false or controlled responses for known-malicious domains, redirecting requests away from attacker infrastructure to a benign or monitored destination. This breaks command-and-control callbacks, malware downloads, and phishing connections while allowing defenders to observe which internal hosts attempted to reach the blocked domains. Sinkholes are commonly fed by threat-intelligence blocklists and deployed via internal resolvers or protective DNS services.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →