0

DNS IP reverse IP mistake and exposed Plesk control panel

Hello,

My home router runs unbound for my home network (I've chosen not to have every home device go directly to NextDNS for good reason) and it always resolves one of the NextDNS servers, 207.148.84.153  as

cdicker.net

the other DNS server correctly resolves as dns.nextdns.io

Any idea why?


While investigating this I notice that http://cdicker.net (the same IP) has an exposed Plesk web control panel.
I'm trusting NextDNS with my privacy, can you please ensure you don't expose control panels directly to the web?  Ideally you'd put them behind a VPN or at least restrict access via IP or something.

3 replies

null
    • NextDNs
    • 2 yrs ago
    • Reported - view

    207.148.84.153 is not a NextDNS server.

      • Dominic_N_Smith
      • 2 yrs ago
      • Reported - view

      NextDNS thank you for responding!

      That address as it is one of two IP addresses I copied from the setup page a number months ago. The other IP was 207.148.84.39 which still resolves to dns.nextdns.io today.

      the setup page now suggests two IPs I've never seen before!  Both are 45.90.[28|30]* and appear to be in the US, not Australia where I'm based.

      Do the IP addresses of your DNS servers change?

      If so, that's a problem for my router where I've had to put in a static configuration and allow as I block all other DNS (even over https) from clients on my network.

       

      Oddly I wasn't notified by email of your reply or I would have replied straight away.

      Edited for Clarity

    • Dominic_N_Smith
    • 2 yrs ago
    • Reported - view

    When I use `dig` from my network which uses a next DNS server I get different IPs to those suggested by the setup page:

    $ dig dns.nextdns.io
    
    ; <<>> DiG 9.16.21-RH <<>> dns.nextdns.io
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32902
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 65494
    ;; QUESTION SECTION:
    ;dns.nextdns.io.            IN    A
    
    ;; ANSWER SECTION:
    dns.nextdns.io.        249    IN    CNAME    steering.nextdns.io.
    steering.nextdns.io.    60    IN    A    207.148.84.39
    steering.nextdns.io.    60    IN    A    103.212.225.153
    
    ;; Query time: 152 msec
    ;; SERVER: 127.0.0.53#53(127.0.0.53)
    ;; WHEN: Sat Oct 30 15:49:10 AEDT 2021
    ;; MSG SIZE  rcvd: 98
    

Content aside

  • 2 yrs agoLast active
  • 3Replies
  • 155Views
  • 2 Following