GAG 0 Posted June 8, 2015 Share Posted June 8, 2015 Hi, Our new SonicWALL firewall is generating alerts about "DNS Rebind attacks". After investigation, we conclude that our internal DNS servers are sending request to the configured external DNS servers in The Internet about "b.z.e5.sk" domain. The problem is that the IP in the answer is "127.0.4.210" which is a local IP, so an incorrect one por a public DNS, so our firewall drops the answer and generates an alarm. We read that this domain is related to ESET and WEB/Parental control. How can we avoid these requests from our users PCs? Why is this domain configured that way? Thanks in advance!! Link to comment Share on other sites More sharing options...
Recommended Posts