Menu
What's new
By:
Filters Better Search

DNS Rebind Attack Alerts

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

SMS786

SMS786

Senior Member
The following alert was posted over a hundred times in my syslog during a span of the last 24 hours:

Code: 
Apr 20 20:06:54 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net
Apr 20 20:07:00 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net
Apr 20 20:07:00 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net

I have a vonage voip box that is connected to my 68U through ethernet running the latest 384.16. I also have had "dns rebind protection" enabled under WAN settings for a while now, but these alerts just started popping up today. Should I be concerned?
 
That's because that hostname resolves to a non-public IP, triggering dnsmasq's rebind protection. Either disable that protection, ignore it, or tell dnsmasq to ignore that domain through a dnsmasq.conf.add script.

Code: 
rebind-domain-ok=httpconfig.vonage.net
 
RMerlin said:
That's because that hostname resolves to a non-public IP, triggering dnsmasq's rebind protection. Either disable that protection, ignore it, or tell dnsmasq to ignore that domain through a dnsmasq.conf.add script.

Code: 
rebind-domain-ok=httpconfig.vonage.net
Click to expand...

Thank you. Added the exception to my dnsmasq script file and now all is well.
 
You must log in or register to reply here.

Similar threads

TanyaC
Possible DNS-Rebind attack detected and unresponsive router plus one more
Replies
3
Views
1K
TanyaC
TanyaC
H
Solved DNS Rebind Attack Message For Only Two Domains
Replies
4
Views
1K
Viktor Jaep
Viktor Jaep
J
possible DNS-rebind attack detected
Replies
9
Views
4K
sfx2000
sfx2000
H
NXDOMAIN DNS Results Flagged As "Possible DNS-rebind attack detected" In Log
Replies
5
Views
1K
HarryMuscle
H
CaptnDanLKW
Updated my DNS Settings - DoT implications and DNS Rebind Attack message
2
Replies
20
Views
5K
manup85
manup85
Similar threads
Thread starter Title Forum Replies Date
TanyaC Possible DNS-Rebind attack detected and unresponsive router plus one more Asuswrt-Merlin 3
H Solved DNS Rebind Attack Message For Only Two Domains Asuswrt-Merlin 4
plapic DNS Director Asuswrt-Merlin 7
P DNS Director - Proprietary? Asuswrt-Merlin 6
r000t Hardcoded Google DNS IPTABLES rule Asuswrt-Merlin 6
Panic Button Wireguard client optional DNS Server setting Asuswrt-Merlin 2
M RT-AX86U and DNS Privacy over USB WAN Asuswrt-Merlin 0
V Local system fails to register address with DNS server Asuswrt-Merlin 5
Cr00zng Weird DNS issue.... Asuswrt-Merlin 4
J Noob DNS questions Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 965 (members: 39, guests: 926)
Top