Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Dropped by DNS sinkhole.Domain

was wondering where I can find the list for this or how to whitelist sites that get triggered by this when the company doesn't have the dns security feature paid for. I thought it was by the content filtering whitelist area but that doesn't help me when i add the site to it.

Category: Mid Range Firewalls
Reply

Answers

  • ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    Not sure I understand the question - if it's not licensed, then surely it's not being triggered?

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @blue DNS Security is a new payable option for SonicOS 7.1 and up, if you're running 6.x or 7.0.x it's working without a dedicated license.

    IMHO there is no published list of blacklisted domains.

    --Michael@BWC

  • blueblue Newbie ✭

    running Firmware Version SonicOS 7.1.1-7047


    i am just getting the PUBLIC IP calling out to other DNS IP's and trying to find where its starting,also out the same port all the time; i am also getting a temp red flag and have gone and checked on it and it is cool to the touch and room is at 65 degrees, I am going to sit and watch the fans on the back for a bit and see if that might be the issue, just trying to make sure these aren't connected, also these sinkhole drops are happening every 5 mins so i want to believe it is a client on the network just am unable to track it down at the moment.

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @blue that's interesting, it might be a Sonicwall Newsletter which hit Mandrilapp in the past 😂

    I guess you can't modify any settings for DNS security without the valid license? Was it enabled before upgrading to 7.1.1? Did you checked the configuration via CLI, maybe the upgrade messed things up and you need to disable it manually?

    But 7.1.1 is buggy by itself and probably you hit this 100% Task dilemma which plagued a lot of users. I highly recommend not to use it atm.

    --Michael@BWC

  • blueblue Newbie ✭

    interesting, I have been using SonicWall for about 8 years with this company and never had the license for it, what firmware would you say is the stable one? i thought Maintenance Release where the stable ones?

  • BWCBWC Cybersecurity Overlord ✭✭✭

    DNS Security needs to be licensed from 7.1 and up. It's part of APSS and noone could tell me the SKU for extending EPSS.

    IMHO the Label Maintenance Relese is misleading, because 7.1.1-7040 was a Feature Release (or Early Release?) and only due to a huge vulnerabilty it became MR.

    Best Firmware for Gen7 is 7.0.1-5145, IMHO.

    --Michael@BWC

  • blueblue Newbie ✭

    thanks for direction on this, will be making a change back tonight.

  • blueblue Newbie ✭

    i have reverted back to Firmware for Gen7 is 7.0.1-5145 and am still getting dns sinkholes

  • NatNat Newbie
    edited March 7

    This is an interesting topic.

    Just tested its not firmware issue.

    @blue

    DNS security license just apply to the first tab DNS Filtering(without license, it will prompt an alert)


    However, other tabs like DNS Sinkhole is still configurable and usable without DNS security license. Not sure its intended or bug.

    So your device has enable DNS sinkhole service.


  • blueblue Newbie ✭
    so would you lean on this site to be dropped correct? I'm getting this on a 5 min loop
  • ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    I think mandrillap is Mailchimp's click-tracking domain so almost certainly no upside to allowing this traffic for you. So "correct" in that sense - it's blocking something that isn't necessarily malicious, but is just junk traffic.

  • blueblue Newbie ✭
    @nat I seem to only recall it not populating on the left side menu for the NSa2700
Sign In or Register to comment.