Hi,
Does anyone know how to disable the internal DNS server on the 7800DXL, or specifically how to prevent it responding to DNS lookups from the Internet? This is a risk to have that open as the router could be subject to a DNS attack. I've created a rule blocking inbound packets to port 53 from the outside, but if for example I point nslookup from work at my home external IP address, I still get a response. It appears that this processing bypasses the IP filter rules, or is carried out prior to checking the rules.
Thanks,
Tony S
7800DXL - Disable Internal DNS Server
-
billion_fan
- Posts: 5398
- Joined: Tue Jul 19, 2011 4:30 pm
Re: 7800DXL - Disable Internal DNS Server
aesmith wrote:Hi,
Does anyone know how to disable the internal DNS server on the 7800DXL, or specifically how to prevent it responding to DNS lookups from the Internet? This is a risk to have that open as the router could be subject to a DNS attack. I've created a rule blocking inbound packets to port 53 from the outside, but if for example I point nslookup from work at my home external IP address, I still get a response. It appears that this processing bypasses the IP filter rules, or is carried out prior to checking the rules.
Thanks,
Tony S
You need to remove the incoming rule, should then work fine. (I get DNS request timed out)
You do not have the required permissions to view the files attached to this post.
-
aesmith
- Posts: 24
- Joined: Sat Jan 09, 2016 6:00 pm
Re: 7800DXL - Disable Internal DNS Server
Thanks, that works. Looks like I was misinterpreting what "Shields Up" was telling me, because adding that rule changed port 53 from "stealth" to "blocked". However at that time I couldn't test from outside the network.