Hi all, We've run into a dns poisoning issue in our company network since Friday. The issue is being discussed here: https://forum.pfsense.org/index.php?topic=87491.0 - we use Unbound on a pfSense. A few other users have the same problem:
- All of a sudden, all host names resolve to a malware host. - It stops automatically after some time - There's no arp poisoning going on, so it really comes from Unbound on the pfSense Example: While "on": $ host omx.ch omx.ch has address 195.22.26.248 omx.ch mail is handled by 10 mx1.csof.net. omx.ch mail is handled by 10 mx2.csof.net. Normally: $host omx.ch omx.ch has address 62.48.3.132 omx.ch mail is handled by 10 mxhost1.omx.ch Other wrongly resolved ips lead to sso.mlwr.io (which tries to redirect back to xsso.<correcthost.com>/<someidentifier>) Any ideas? - Martin
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
