DNS rebinding attack
Posted on 2014-02-14
I am getting a lot of alerts in the Sonic Wall 205 with 'DNS rebinding attack' logs. It appears to be inbound from the Comcast dns servers.
The dns setting is to set to log attack only and I tried changing it to log and drop but after several days, it caused dns to not resolve at all. I changed it. I think this is causing a performance issue with our internet circuit. We have a 100MB circuit but the speedtest.net shows only 27MB at times.
I also tried switching it to a openDNS (188.8.131.52) and that didn't seem to help.
Just wondering how I can go about resolving this.