Buy or Renew
Buy or Renew
NOTICE: OpenDNS reactivated for users in Belgium. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
215
Views
0
Helpful
1
Replies

.lan domains on dashboard?

madwifee
Level 1
Level 1

‎03-16-2024 07:26 AM

Why am I suddenly seeing a lot of .lan added to the domain names in the dns log? For example: youtubei.googleapis.com.lan, data.flurry.com.lan, mtalk.google.com.lan, beacons.gvt2.com.lan, ipv4only.arpa.lan etc. This seems to have just started happening in the past day or two. Is this normal?
Labels:
0 Helpful
1 Reply 1

reham1
Cisco Employee
Cisco Employee

‎03-17-2024 04:06 PM

Hello

These are usually domains generated by some sort of application on one of the user's workstations that's "pinging" to see if there's a live internet connection. It could be an antivirus program, or any other application that does such checks.

We don't block these domains because they're not valid domains. This means that blocking them from our side wouldn't actually do much, and if they are legitimate domains that are malicious, they usually come in the form of DGA (domain generated algorithm) domains and we block those already on our malware side of things.

If you have any questions or concerns please create a support request.

0 Helpful
Customers Also Viewed These Support Documents