Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
DNS calls to opnsense.emergingthreats.net
« previous
next »
Print
Pages: [
1
]
Author
Topic: DNS calls to opnsense.emergingthreats.net (Read 1447 times)
vecchiostupido
Newbie
Posts: 4
Karma: 2
DNS calls to opnsense.emergingthreats.net
«
on:
November 30, 2020, 07:37:44 pm »
I have installed Suricata and I use the ET Telemetry. I also have a Pihole as my local DNS, resolves back to Unbound in OPNSense
The Pihole has hundreds of calls per minute to opnsense.emergingthreats.net, see example from Pihole log below. The calls are from my OPNsense firewall (192.168.121.1), that's why I am posting on this forum
Nov 29 10:01:11 dnsmasq[580]: query[A] opnsense.emergingthreats.net from 192.168.121.1
Nov 29 10:01:11 dnsmasq[580]: cached opnsense.emergingthreats.net is 72.12.200.25
Nov 29 10:01:11 dnsmasq[580]: query[AAAA] opnsense.emergingthreats.net from 192.168.121.1
Nov 29 10:01:11 dnsmasq[580]: cached opnsense.emergingthreats.net is NODATA-IPv6
Nov 29 10:01:11 dnsmasq[580]: query[A] opnsense.emergingthreats.net from 192.168.121.1
Nov 29 10:01:11 dnsmasq[580]: cached opnsense.emergingthreats.net is 72.12.200.25
I checked my Suricata logs and the Unbound logs in OPNSense, nothing going on (e.g. no calls out to 72.12.200.25 - Wintek.com - data provider).
Any suggestions on how to diagnose what is going on ?
Logged
dancwilliams
Newbie
Posts: 6
Karma: 0
Re: DNS calls to opnsense.emergingthreats.net
«
Reply #1 on:
February 13, 2023, 04:34:34 pm »
Did you ever figure this out? I am seeing the same thing!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
DNS calls to opnsense.emergingthreats.net