Windows 10: Suspicious DNS Rule.

Discus and support Suspicious DNS Rule. in AntiVirus, Firewalls and System Security to solve the problem; Hello. I was checking Windows Firewall and it came to my attention that, for these past few weeks, I have been seeing a suspicious set of rules that... Discussion in 'AntiVirus, Firewalls and System Security' started by KennyGeneva8, Mar 31, 2019.

  1. KENNYGENEVA8
    KennyGeneva8 Win User

    Suspicious DNS Rule.


    Hello.

    I was checking Windows Firewall and it came to my attention that, for these past few weeks, I have been seeing a suspicious set of rules that keep reappearing in my inbound rule set.


    These rules do not go away when I delete them and sometimes more of them appear. I have inbound traffic blocked to my home devices with a physical firewall but I keep seeing these set of rules no matter how many times I have tried to delete them. They open port 52 on both TCP and UDP and apply to no specific program nor I know what service or program are creating them.

    Any idea what these could be or what is creating them?


    Suspicious DNS Rule. 46b1c23a-6259-4147-8c38-e2b1b5f24d26?upload=true.png


    I would appreciate any help with this matter.

    :)
     
    KennyGeneva8, Mar 31, 2019
    #1
  2. WINDYANDY
    Windyandy Win User

    WIN10 Firewall Rules - found 70 different DNS Forwarding Rules? - VIRUS or?

    Hello,

    while investigating a problem in Windows 10 - which is now solved and solution is unrelated to this question -

    I checked the list of Exceptions in the Windows Firewall.

    Among the many entries there are

    70 different

    DNS Forwarding Rule - TCP - xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx-0 Private ON Public ON

    (or UDP)

    Does anyone know how these Rules come about and what purpose they serve?

    Could this be some malware redirecting web-addresses?

    Or could it be related to the Windows-Insider Program? (no answer on this there).

    Regards,

    Andreas
     
    Windyandy, Mar 31, 2019
    #2
  3. HYBRID_THEORY
    Hybrid_theory Win User
    DNS problems with router

    A couple suggestions I have for you:

    Update the firmware on the router. Maybe it's getting into a badstate, and a firmware update might fix it. Or if you're comfortable with it, install a custom firmware like dd-wrt. Just make sure its supported on your router first.

    Change your DNS to: 8.8.8.8, 4.2.2.1. Might help.

    If none of these work, maybe statically set your DNS on your PS3/PC to the IPs you listed, taking the router out of the lookup procedure.

    Last option, is look for a new router.
     
    Hybrid_theory, Mar 31, 2019
    #3
  4. TECHIENIKHIL
    TechieNikhil Win User

    Suspicious DNS Rule.

    dns probe finished no internet


    Hi Oxide,

    After some trial-and-error testing of all suggested fixes, which I found over the internet, here’re what worked for me to solve "DNS Probe Finished No Internet" issue and might work for you as well.

    Method 1: Change Default DNS Address to Open DNS

    Here all you have to do is change your default automatically obtained DNS server addresses to open DNS or Google DNS. To do this, follow below mentioned steps:

    Step 1:     Right click on Network icon located in Windows Task Bar Menu.

    Step 2:     Click on ‘Open Network and Sharing Center.’


    Suspicious DNS Rule. [​IMG]


    Step 3:     Click on Local Area Connection with whom who are presently connected and click onProperties.

    Step 4:     Select ‘Internet Protocol Version 4 (TCP/IPv4)’ and click on Properties.

    Step 5:     Now in newly opened windows, select the radio button that reads ‘Use the following DNS server address:’

    Step 6:     Now in the ‘Preferred DNS Server’ box type in 208.67.222.222 and in ‘Alternate DNS Server’ type in 208.67.220.220.

    Step 7:     Now check the box that says ‘Validate settings upon exit’ and then click on OK. That’s it.


    Suspicious DNS Rule. [​IMG]
     
    TechieNikhil, Mar 31, 2019
    #4
Thema:

Suspicious DNS Rule.

Loading...

  1. Suspicious DNS Rule. - Similar Threads - Suspicious DNS Rule

  2. Windows bypasses DNS rules on Router

    in Windows 10 Software and Apps
    Windows bypasses DNS rules on Router: I have a small network that is configured, on Linksys router, to use an internal IP for DNS requests.Dnsmasq running on Raspberry PI. The requests are then redirected through a personal tunnel to a personal server running the DNS service.Everything is working great and I have...

  3. Windows bypasses DNS rules on Router

    in Windows 10 Gaming
    Windows bypasses DNS rules on Router: I have a small network that is configured, on Linksys router, to use an internal IP for DNS requests.Dnsmasq running on Raspberry PI. The requests are then redirected through a personal tunnel to a personal server running the DNS service.Everything is working great and I have...

  4. Windows bypasses DNS rules on Router

    in Windows 10 Network and Sharing
    Windows bypasses DNS rules on Router: I have a small network that is configured, on Linksys router, to use an internal IP for DNS requests.Dnsmasq running on Raspberry PI. The requests are then redirected through a personal tunnel to a personal server running the DNS service.Everything is working great and I have...

  5. firewall rules to stop circumventing router's DNS configuration

    in AntiVirus, Firewalls and System Security
    firewall rules to stop circumventing router's DNS configuration: I hope that someone here can help me. My router is configured to point to specific DNS servers and I want to prevent someone from circumventing the router by changing the PC's network adapter properties with other DNS servers. Using Windows Defender on a Windows 10 PC, what...

  6. Suspicious entries in dns cache

    in AntiVirus, Firewalls and System Security
    Suspicious entries in dns cache: I've spotted some suspicious entries in the dns cache. The domains seem to be of chinese origin and they have been reported by some as malware. I've run anti-malware programs, flushed the dns cache, changed the preferred dns, restarted my computer and so on, but they are...

  7. Suspicious entries in dns cache

    in Windows 10 Network and Sharing
    Suspicious entries in dns cache: I've spotted some suspicious entries in the dns cache. The domains seem to be of chinese origin and they have been reported by some as malware. I've run anti-malware programs, flushed the dns cache, changed the preferred dns, restarted my computer and so on, but they are...

  8. DNS Cache Suspicious Entries

    in Windows 10 Network and Sharing
    DNS Cache Suspicious Entries: Hello, I have a DNS entry which never goes away even after flushing it multiple times and restarting the machine. I would like to know if there is a way to identify which program/application is constantly trying to access the network so that I can remove this suspicious...

  9. DNS Client allowed by firewall rule, but still get blocked

    in AntiVirus, Firewalls and System Security
    DNS Client allowed by firewall rule, but still get blocked: Hi, First; I am using Binisoft/Malwarebytes Windows Firewall Control as frontend for Windows Firewall. My problem is that I allowed DNS Client to local gateway with UDP on port 53, but still for some reason it is being blocked. When opening the log window in Windows...

  10. WIN10 Firewall Rules - found 70 different DNS Forwarding Rules? - VIRUS or?

    in Windows 10 Network and Sharing
    WIN10 Firewall Rules - found 70 different DNS Forwarding Rules? - VIRUS or?: Hello, while investigating a problem in Windows 10 - which is now solved and solution is unrelated to this question - I checked the list of Exceptions in the Windows Firewall. Among the many entries there are 70 different DNS Forwarding Rule - TCP -...

Users found this page by searching for:

  1. dns server forward rule

    ,

  2. windows 10 firewall strange dns forwarding entries