Strange DNS spikes and random pop-ups on a fresh OPNsense setup

Started by matsoon, February 13, 2026, 08:52:16 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 13, 2026, 08:52:16 AM


Hi all
I've just finished setting up OPNsense on a small home box (fresh install, default Unbound + DNSBL). Everything looked stable, low latency, no packet loss. Then I noticed repeated DNS queries going out to domains related to Royalspinia and other casino-type sites, even though nobody here actively browses that kind of content. What I expected was clean outbound traffic, but instead I'm seeing bursts every few minutes, mostly from one Windows client. It started right after installing a couple of free browser extensions, so that might be the trigger, but I'm not 100% sure. I'm not a network expert, just trying to keep the setup clean and safe. Would you block this purely at firewall level, tighten DNSBL rules, or look deeper for adware on the client first?
February 13, 2026, 09:14:25 AM #1
Disable said extensions and see if the queries stop. It's almost certain that one of them is the cause. Be careful :)
Intel i3-8300T - Intel i350_T2 - 8GB RAM
February 13, 2026, 02:56:28 PM #2
Quote from: matsoon on February 13, 2026, 08:52:16 AMlook deeper for adware on the client first?
Killing the source is always the best !!

Good luck! :)
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Print
Go Up Pages1
User actions