So this is address, 112.26.68.151, that seems to be from China, And it’s using my dns server for some reason.
You are too vague. Please be more specific:
- What kind of DNS server?
- In which way is that DNS server used?
- Show log entries regarding the latter.
It’s an Adguard home on port 53. I use it to redirect traffic from other routers
Running a DNS server open for the web without a VPN is strongly discouraged.
Bots will find it quickly and misuse it! Use a VPN to access it remotely and never forward port 53 from your router.
DNS servers are meant for internet access, but you need a good understanding of them to configure them correctly and if they are misconfigured, then they can leak information, be used for amplifying DDOS attacks or used to pollute other DNS servers in order to redirect it’s users to malicious sites.
So if theirs a network I need to have access to it how would I do that if there isn’t a VPN concentrator on that network and all devices on the network need to automatically use the DNS server?
Just block UDP port 53 for ingress traffic from the WAN to your LAN (–> DNS Server).
Make sure at the modem/router is no port forwarding configured for UDP port 53 to your local DNS Server. That shouldn’t affect your LAN devices from connecting to your Adguard DNS server for domain name resolution. As for your LAN (internal network) a VPN is certainly not needed.
NO (or only through a VPN): WAN (Internet) → your Modem/Router → your DNS Server (Adguard).
YES: LAN Devices (including your “other routers”) → your DNS Server (Adguard) → WAN (Internet).
There is no reason why you should allow access to your local DNS Server from the Internet.
DNS service use both UDP and DNS on port 53.
You can limit DNS access from the internet by blocking the connection attempts from the internet, but you need to allow access on already established connections (those that were created from the internal network towards the internet).
Yeah I’ll just get some raspberry pies and setup some wire guard vpn
1 Like