This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

dnsbl.proxybl.org offline?

This morning I got a bunch of calls about all of our websites/portals taking 20+ seconds to load a page.  I jumped on our web server and it was running fine so I logged into the UTM and opened the WAF live log and saw a ton of these for every page request:

DNS lookup for 83.16.168.192.dnsbl.proxybl.org. failed

This the the dns reputation lookup that we current have turned on.  It appears that proxybl.org has had it's DNS wiped out!

I have temporarily turned off the reputation lookup and things are again running normal.  Just thought I would share in case anyone else is experiencing this.

Dave


This thread was automatically locked due to age.
Parents
  • Use at your own risk, effects entirely untested by me - please let me know how/if it works for you.

    check original settings:

    # cc get reverse_proxy blacklist dnsrbl_zones
    [
              'black.rbl.ctipd.astaro.local',
              'dnsbl.proxybl.org',
              'http.dnsbl.sorbs.net'
            ]


    Change, less dnsbl.proxybl.org:

    # echo -e 'reverse_proxy\n blacklist\n dnsrbl_zones@\n =["black.rbl.ctipd.astaro.local","http.dnsbl.sorbs.net"]\n' | cc --batch


    Change back:

    # echo -e 'reverse_proxy\n blacklist\n dnsrbl_zones@\n =["black.rbl.ctipd.astaro.local","dnsbl.proxybl.org","http.dnsbl.sorbs.net"]\n' | cc --batch
  • Teched, just a FYI, your script commands work fine.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply Children
No Data