TechQA.

Does traffic to weird subdomains on my LAN indicate a security issue?

141 views Asked by At

I am a user of OpenDNS, and I am noticing network traffic to weird subdomains on my local area network. Suppose the "Local Domain Name" setting on my router is named "mynetwork". I am seeing many requests to domains like:

lb._dns-sd._udp.mynetwork
db._dns-sd._udp.mynetwork
b._dns-sd._udp.mynetwork
tvovhvumfcuvo.mynetwork
pqwakwyids.mynetwork
vbqulcywazgwao.mynetwork
wjyuspdzzbac.mynetwork
etc.

If this is not normal traffic how should I discern where my problem lies? Should I install something like "Little Snitch" on my Macs for example?

security subdomain router lan opendns
Original Q&A
1

There are 1 answers

0
Jeremy On BEST ANSWER

You may want to check out this answer from menandmice, where they say:

These are queries generated by 'Multicast/Unicast DNS Service Discovery or Zeroconf', which is a service of Apple 'Bonjour/Rendevous' or Unix Services like 'Avahi'. DNS Queries coming from Port 5353 are DNS queries from a Zeroconf service.

The DNS Service Discovery enabled clients are looking for pointers to services running in their network block 192.0.2.0/24.

This is harmless. If there is not PTR record for the requested ownernames, it only means that unicast Zeroconf is not configured.

"unicast Zeroconf is not configured" might not be your exact problem, but overall it's nothing to worry about.

Related Questions in SECURITY

Related Questions in SUBDOMAIN

Related Questions in ROUTER

Related Questions in LAN

Related Questions in OPENDNS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions