Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
ET INFO Observed DNS Query to .cloud TLD
« previous
next »
Print
Pages: [
1
]
Author
Topic: ET INFO Observed DNS Query to .cloud TLD (Read 2819 times)
vijvis
Newbie
Posts: 15
Karma: 1
ET INFO Observed DNS Query to .cloud TLD
«
on:
January 30, 2022, 11:20:43 am »
I enabled the IPS on my LAN interface and I am seeing a few on these alerts. The source IP shown in the alert belongs to my Samsung Galaxy S10 phone, the destination IP is the NextDNS IP address and port is 53.
My phone is not rooted and runs Android 11. It is fully patched to December 2021. No dodgy apps as I use it for work purposes as well.
The alert detail only has a link to Spamhaus which doesn't tell me much.
The traffic is getting dropped but I don't see any issues on the phone. I am able to use everything as normal and backups to Google Drive work as normal.
Any ideas, please? I have had a look at the DNS logs from my phone in NextDNS portal and nothing stands out as suspicious.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
ET INFO Observed DNS Query to .cloud TLD
