Dozens of alerts being received daily- 'A DNS query was blocked for a domain'

DavidCES
DavidCES Posts: 23 Enthusiast
in WithSecure Business Suite

Hi,

Once again, we are receiving loads of alerts for various URL's, some that I'm sure have been whitelisted previously.

I've submitted these via the submit a sample page and had no response. Below is a typical example


Here are the most recent alerts (1) from Policy Manager.

Warning: A DNS query was blocked for a domain.

From: UCL/XXXX, 2022-09-07 14:55:07 +01:00

Details: A DNS query was blocked for a domain. DNS: platform.twitter.map.fastly.net.

Accepted Answer

  • James Chang
    James Chang Posts: 416 Moderator
    Answer ✓

    Hi,

    The DNS was blocked due to heuristic rules, and have now whitelisted the Domain. Can you please check again ?

Answers

  • DavidCES
    DavidCES Posts: 23 Enthusiast

    Thanks. Havent had any alerts for that particular url since yesterday afternoon now.


    Just received an alert for 'prod-rotation-v2.guce.aws.oath.cloud' though and again I think I've submitted this as a false positive before too.

Categories