dns rebind attack detected

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
d0d0
DD-WRT Novice


Joined: 11 Aug 2019
Posts: 12

PostPosted: Sun Jan 19, 2020 7:07    Post subject: dns rebind attack detected Reply with quote
Firmware: DD-WRT v3.0-r41813 std (12/29/19)
model: netgear r6400v2
Dnscrypt enabled

ISP router LAN port is connected to DDwrt router WAN port

till now it was working properly all of sudden my syslog is flooded with Possible dns rebind attack detected Sad

[quote]Jan 19 12:07:11 DD-WRT daemon.warn dnsmasq[1556]: possible DNS-rebind attack detected: wpad.domain.name
Jan 19 12:07:11 DD-WRT daemon.warn dnsmasq[1457]: possible DNS-rebind attack detected: wpad.domain.name
Jan 19 12:07:27 DD-WRT daemon.warn dnsmasq[1457]: reducing DNS packet size for nameserver 127.0.0.1 to 1280
Jan 19 12:07:27 DD-WRT daemon.warn dnsmasq[1457]: possible DNS-rebind attack detected: wpad.domain.name


when i disable dnscrypt then no error found in syslog
dnscrypt is always enabled since it was available

possible solution which i found on internet/forum is

add below line in Additional DNSMasq Options

rebind-domain-ok=/wpad.domain.name/

or

address=/wpad.domain.name/127.0.0.1


should i need to worry about that error?
is this problem is caused by dnscrypt?
which solution is better to use ?
Sponsor
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum