To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Dozens of alerts being received daily- 'A DNS query was blocked for a domain'

DavidCES
DavidCES W/ Member Posts: 27 Cyber Knight
edited March 2023 in WithSecure Business Suite

Hi,

Once again, we are receiving loads of alerts for various URL's, some that I'm sure have been whitelisted previously.

I've submitted these via the submit a sample page and had no response. Below is a typical example


Here are the most recent alerts (1) from Policy Manager.

Warning: A DNS query was blocked for a domain.

From: UCL/XXXX, 2022-09-07 14:55:07 +01:00

Details: A DNS query was blocked for a domain. DNS: platform.twitter.map.fastly.net.

Best Answer

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 508 Moderator
    Solved

    Hi,

    The DNS was blocked due to heuristic rules, and have now whitelisted the Domain. Can you please check again ?

Answers

  • DavidCES
    DavidCES W/ Member Posts: 27 Cyber Knight

    Thanks. Havent had any alerts for that particular url since yesterday afternoon now.


    Just received an alert for 'prod-rotation-v2.guce.aws.oath.cloud' though and again I think I've submitted this as a false positive before too.

This discussion has been closed.

Categories