Posted: Mon May 14, 2018 9:19 Post subject: Router become unstable after adding adress=/ad.X.Y/127.0.0.1
I saw a lot of dns re-bind attacks in my R7000p (dd-wrt 35550M) and I wrote a script to parse my syslog and found 293 of unique DNS-rebind attacks.
Code:
router daemon.warn dnsmasq[1798]: possible DNS-rebind attack detected: data.flurry.com
I put all 293 entries in Additional DNSMasq Options (Under services -> services tab), then I no longer see the DNS-rebind attck. But my router refused to connect to internet 3 hours after I made the changes. My mac book can no longer connect to the router's wifi signal, my PC cannot access internet via ethernet.
I rebooted my router but it failed to connect to internet. I have to reset my router and restore my previous config backup to fix the connection issue.
Did DNSMasq options cause this issue? If so, what is the best way to stop DNS-rebind attack?
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Tue May 15, 2018 23:00 Post subject:
I don't have "No DNS rebind" enabled on the services tab. I have been trying to figure out a weird issue with DNS lookups going stale over 5G that I'm having, have not done a tcp dump nor have I seen anything in the syslog that points to the problem.
