kevwhite Posted January 31, 2021 Share Posted January 31, 2021 Hi, I am using a raspberry pi as a gateway for my CCTV to go through so that I can get my CCTV on my firestick network devices. However it is noticing it as a possible dns-rebind attack. Is there a way I could disable this? The domain in question should go to an internal network address of mine. Sun Jan 31 13:49:48 2021 daemon.warn dnsmasq[3884]: possible DNS-rebind attack detected: *****{REMOVED}*****.mproxy.io Thanks. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Hey, welcome to the forum! Does it actually work and is it just an entry in the log file? If it's not causing a problem then you can just ignore it. Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Hi, No its stopping it working unfortunately. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Could you try disabling Port Scan and Syn Floow Protection in WAN Settings please and see if that helps? Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Hi Fraser - Already disabled I'm watching the monocle log as i attempt to view my camera and its getting the request but its not bringing back the mproxy.io part which it should as that would forward it onto my internal IP. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Adblocker I believe is enabled by default so disable that, if that doesn't help could you disable QoS fully from the Congestion Control menu please? That's the other thing that could be interfering that you could adjust, otherwise I'll need to pass it on to the devs I think. Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Both disabled. Ad blocker was disabled by default for me aswell. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Just to clarify, is the Pi connected to the R2 and on the R2 you've given it the DNS address of the Pi? If so make a Traffic Controller rule to allow ALL traffic to the Pi and see if that helps please. Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 The PI is connected to the R2. Are you meaning changing the whole DNS server for the R2 to the PI IP? Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 That's what I thought you were doing, is the CCTV directly connected to the Pi then? Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Hi, No so the cctv is connected to R2. The firestick using alexas commands needs a gateway called monocle gateway installed. Here is their link - the gateway is only used for CCTV not anything else https://forum.monoclecam.com/topic/4/dns-rebinding Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Ahh I see thank you for that. Okay so I can probably get a developer to connect to your router and add an exception for that but in the meantime try enabling Adblocker and adding a whitelist entry for *.mproxy.io and see if that works. If not enable remote support in WAN settings. What is your exact physical setup - what is the R2 connected to, a pure modem or modem/router? Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Thanks ill try that. Its connected into a 300Mbps Wireless N USB VDSL/ADSL Modem Router Model No. TD-W9970 I'll enable remote support aswell let me know anything else you need. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Okay and have you changed any settings on that router to ensure all traffic passes straight through to the R2, modem, bridge mode or DMZ for example? Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 I changed its mode into DSL Modem Router Mode. Thats all Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted January 31, 2021 Administrators Share Posted January 31, 2021 Does it still output WiFi like that? If so can you put it into just modem mode and if not take the WAN IP from the R2 System Information page and enter it into the DMZ on the modem please. Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 It does output wifi but i disabled the wifi. Ill add the dmz Link to comment Share on other sites More sharing options...
kevwhite Posted January 31, 2021 Author Share Posted January 31, 2021 Done and retested - still the same Sun Jan 31 22:59:39 2021 daemon.warn dnsmasq[3884]: possible DNS-rebind attack detected: 28c83855-ed3e-44aa-b61b-fcd897bc16fa.mproxy.io Sun Jan 31 22:59:37 2021 daemon.warn dnsmasq[3884]: possible DNS-rebind attack detected: 28c83855-ed3e-44aa-b61b-fcd897bc16fa.mproxy.io Sun Jan 31 22:59:36 2021 daemon.warn dnsmasq[3884]: possible DNS-rebind attack detected: 28c83855-ed3e-44aa-b61b-fcd897bc16fa.mproxy.io Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 1, 2021 Administrators Share Posted February 1, 2021 Sorry I should have been clear, that was just to make you accessible for the dev to have a look, so assuming you've enabled remote tech support I'll ask a dev to try and do this tomorrow. Link to comment Share on other sites More sharing options...
kevwhite Posted February 1, 2021 Author Share Posted February 1, 2021 Good man thanks - let me know once its done and I can retest Link to comment Share on other sites More sharing options...
kevwhite Posted February 1, 2021 Author Share Posted February 1, 2021 Hi guys - have the engineers had a chance to login? Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 2, 2021 Administrators Share Posted February 2, 2021 I've chased the dev and it is something they can do for you so just waiting on them to get it done. Once they have I'll let you know. Link to comment Share on other sites More sharing options...
kevwhite Posted February 4, 2021 Author Share Posted February 4, 2021 Hi, Any update on this? Thanks Link to comment Share on other sites More sharing options...
Netduma Liam Posted February 4, 2021 Share Posted February 4, 2021 5 hours ago, kevwhite said: Hi, Any update on this? Thanks They're going to try access your router and add this today! Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 4, 2021 Administrators Share Posted February 4, 2021 Hi Kev, could you go ahead and see whether it is working now? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.