Menu
What's new
By:
Filters Better Search

DNS Rebind Attack Alerts

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

SMS786

SMS786

Senior Member
The following alert was posted over a hundred times in my syslog during a span of the last 24 hours:

Code: 
Apr 20 20:06:54 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net
Apr 20 20:07:00 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net
Apr 20 20:07:00 dnsmasq[288]: possible DNS-rebind attack detected: httpconfig.vonage.net

I have a vonage voip box that is connected to my 68U through ethernet running the latest 384.16. I also have had "dns rebind protection" enabled under WAN settings for a while now, but these alerts just started popping up today. Should I be concerned?
 
That's because that hostname resolves to a non-public IP, triggering dnsmasq's rebind protection. Either disable that protection, ignore it, or tell dnsmasq to ignore that domain through a dnsmasq.conf.add script.

Code: 
rebind-domain-ok=httpconfig.vonage.net
 
RMerlin said:
That's because that hostname resolves to a non-public IP, triggering dnsmasq's rebind protection. Either disable that protection, ignore it, or tell dnsmasq to ignore that domain through a dnsmasq.conf.add script.

Code: 
rebind-domain-ok=httpconfig.vonage.net
Click to expand...

Thank you. Added the exception to my dnsmasq script file and now all is well.
 
You must log in or register to reply here.

Similar threads

H
DNS-rebind attack detected: farm.plista.com. etc...??
Replies
3
Views
626
Treadler
Treadler
TanyaC
Possible DNS-Rebind attack detected and unresponsive router plus one more
Replies
3
Views
1K
TanyaC
TanyaC
H
Solved DNS Rebind Attack Message For Only Two Domains
Replies
4
Views
1K
Viktor Jaep
Viktor Jaep
J
possible DNS-rebind attack detected
Replies
9
Views
4K
sfx2000
sfx2000
H
NXDOMAIN DNS Results Flagged As "Possible DNS-rebind attack detected" In Log
Replies
5
Views
1K
HarryMuscle
H
Similar threads
Thread starter Title Forum Replies Date
H DNS-rebind attack detected: farm.plista.com. etc...?? Asuswrt-Merlin 3
TanyaC Possible DNS-Rebind attack detected and unresponsive router plus one more Asuswrt-Merlin 3
H Solved DNS Rebind Attack Message For Only Two Domains Asuswrt-Merlin 4
S Solved New ISP - WAN Setup - Will not work with custom WAN DNS - dnsmasq.conf Asuswrt-Merlin 1
T Wireguard Client VPN not using DNS Asuswrt-Merlin 14
Preskitt.man DNS Issue?? AX5800 Pro Issue?? Asuswrt-Merlin 2
plapic DNS Director Asuswrt-Merlin 7
P DNS Director - Proprietary? Asuswrt-Merlin 6
r000t Hardcoded Google DNS IPTABLES rule Asuswrt-Merlin 6
Panic Button Wireguard client optional DNS Server setting Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 817 (members: 29, guests: 788)
Top