Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] A potential DNS Rebind attack has been detected
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] A potential DNS Rebind attack has been detected (Read 33224 times)
giovanit
Newbie
Posts: 28
Karma: 3
[SOLVED] A potential DNS Rebind attack has been detected
«
on:
September 03, 2019, 02:45:32 pm »
Hello people.
I created a port forwarding NAT for an internal server to access port 80. Access is via a DNS address example.test.com.
When access outside my local network works perfectly, but when access the same DNS the following message is displayed:
A potential DNS Rebind attack has been detected.
Try to access the router by IP address instead of by hostname.
I tried numerous NAT settings and also looked for some solutions on google, none worked. Can someone help me?
«
Last Edit: September 03, 2019, 03:27:43 pm by giovanit
»
Logged
Northguy
Full Member
Posts: 118
Karma: 11
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #1 on:
September 03, 2019, 04:01:28 pm »
Just wondering: you mark this issue solved, but don't add the solution. For my curiousity and future readers reference: what was the solution?
Logged
giovanit
Newbie
Posts: 28
Karma: 3
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #2 on:
September 04, 2019, 01:36:53 pm »
Firewall -> Settings -> Advanced
Enable:
- Reflection for port forwarding
- 1: 1 reflection
- Automatic outbound NAT for reflection NAT
Firewall -> NAT -> Port Forwarding
WAN TCP * * WAN address 80 (HTTP) 192.168.1.50 80 (HTTP) Name
Logged
vicentedeandrade
Newbie
Posts: 2
Karma: 4
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #3 on:
December 28, 2020, 02:57:24 pm »
Hi,
I solved this only making a change in:
System / Settings / Administration
- Alternate Hostname: my.host.on.ddns.service
Thanks!
Logged
gmiserk
Newbie
Posts: 6
Karma: 0
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #4 on:
November 15, 2021, 10:50:35 am »
Hi,
can you say wich info i need to introduce in"alternative hostname"
my.host.on.ddns.service is your opnsens hostname ?
Logged
nferocious76
Newbie
Posts: 5
Karma: 0
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #5 on:
January 06, 2024, 04:26:03 am »
I also just bump into the same issue. some of my redirect works but when the redirect is path to firewall itself I get this same warning. I don't want to turn off rebinding as it seems it will be bypassing my dns rebinding for all request. Any more updates or answer here?
Logged
conan
Newbie
Posts: 1
Karma: 0
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #6 on:
January 26, 2024, 04:35:42 pm »
The following explanation from the official Docs is pretty detailed about this Situation and the possible fix.
https://docs.opnsense.org/manual/how-tos/nat_reflection.html
Follow the instructions and choose your Situation to create the correct Port Forward Rule for NAT Reflection.
Additionally, for me it was necessary to create also a NAT Outbound Rule, because I had my Service in a separated DMZ.
Okay I thought it worked, but it seems I am to dumb to do the right NAT Rules. If someone got the right config, I would appreciate the shared rules.
«
Last Edit: January 26, 2024, 05:03:31 pm by conan
»
Logged
selma77
Newbie
Posts: 2
Karma: 0
Re: [SOLVED] A potential DNS Rebind attack has been detected
«
Reply #7 on:
September 24, 2024, 12:24:25 pm »
check mysqld !!
--> systemctl status mysqld
if myslqd is down
--> systemctl start mysqld
then connect zabbix web
if it's ok
--> systemctl enable mysqld
this will be running automatical after rebooting
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] A potential DNS Rebind attack has been detected