Open DNS resolver problem

Fender Member Posts: 7  Freshman Member
I noticed many sessions on port 53 from outside on a Zywall 110. I think it is a DDoS attack; how is this possible? I am not running a DNS from the WAN connection, I hope? I checked it with this link: https://www.openresolver.nl/
Where can I make changes on the Zywall to make sure DNS is not accessible from outside? In the past this issue was also on the old DSL modems: https://support.aa.net.uk/Stopping_Open_DNS_-_ZyXEL_P660R-D1

Accepted Solution

All Replies

  • PeterUK Member Posts: 687  Guru Member
    Unless you allow from WAN to Zywall, port 53 is not allowed from the outside.
  • Fender Member Posts: 7  Freshman Member
    Well, of course, such a rule I would never make, but how is it still showing as an open resolver?
  • Fender Member Posts: 7  Freshman Member
    edited October 22, 2020 6:37PM
    @Zyxel_Charlie
    I made the rule you suggested and it is blocking now, and I don't get the openresolver error anymore!
    Very strange that the Zywall is not blocking it by default in this matter!
    There is only one rule from WAN to Zywall, and that is my own fixed WAN IP address to the Zywall, in this case to have full access from outside. All the other (and default Wan_to_Device) rules I always delete because I don't need the VPN stuff.
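
Added example, not part of the thread and not Zyxel code: a small Python check for the condition discussed above, to be run from a host outside the WAN after changing the firewall rules. It sends one recursive query to port 53/udp and classifies the reply from the DNS header flags; the function names, the transaction ID and the sample replies are constructed for this example.

```python
import socket
import struct

TXID = 0x4F52  # constructed transaction ID for this example

def build_query(name, txid=TXID):
    """DNS A/IN query with the RD (recursion desired) flag set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def classify_reply(reply, txid=TXID):
    """Classify a raw UDP reply (None means the query timed out)."""
    if reply is None:
        return "filtered"              # no answer: the firewall dropped the query
    if len(reply) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", reply[:12])
    if rid != txid or not flags & 0x8000:   # wrong ID or QR bit not set
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"               # port reachable, recursion denied
    if flags & 0x0080 and rcode == 0 and ancount > 0:
        return "open-resolver"         # RA set and an answer was returned
    return "reachable-no-recursion"

def probe(host, name="example.com", timeout=3.0):
    """Send one query to host:53/udp; run this from outside the WAN."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (host, 53))
            return classify_reply(s.recvfrom(4096)[0])
        except socket.timeout:
            return classify_reply(None)

def sample_reply(flags, ancount):
    """Constructed reply for offline use: header, question, optional A record."""
    q = build_query("example.com")
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10])
    return struct.pack("!6H", TXID, flags, 1, ancount, 0, 0) + q[12:] + rr * ancount

if __name__ == "__main__":
    print(classify_reply(sample_reply(0x8180, 1)))   # constructed open reply
    print(classify_reply(sample_reply(0x8105, 0)))   # constructed REFUSED reply
    print(classify_reply(None))                      # constructed timeout
```

Calling `probe()` with your own WAN address should return "filtered" once WAN-to-device DNS is dropped; "open-resolver" means the device still answers recursive queries for outside clients.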
