Joined: 11 Aug 2019
|Posted: Sun Jan 19, 2020 7:07 Post subject: dns rebind attack detected
|Firmware: DD-WRT v3.0-r41813 std (12/29/19)
model: netgear r6400v2
ISP router LAN port is connected to DDwrt router WAN port
till now it was working properly all of sudden my syslog is flooded with Possible dns rebind attack detected
[quote]Jan 19 12:07:11 DD-WRT daemon.warn dnsmasq: possible DNS-rebind attack detected: wpad.domain.name
Jan 19 12:07:11 DD-WRT daemon.warn dnsmasq: possible DNS-rebind attack detected: wpad.domain.name
Jan 19 12:07:27 DD-WRT daemon.warn dnsmasq: reducing DNS packet size for nameserver 127.0.0.1 to 1280
Jan 19 12:07:27 DD-WRT daemon.warn dnsmasq: possible DNS-rebind attack detected: wpad.domain.name
when i disable dnscrypt then no error found in syslog
dnscrypt is always enabled since it was available
possible solution which i found on internet/forum is
add below line in Additional DNSMasq Options
should i need to worry about that error?
is this problem is caused by dnscrypt?
which solution is better to use ?