
Why is Firefox 36 on Windows receiving connections from DNS servers? Option network.dns.get-ttl

  • 1 reply
  • 3 have this problem
  • 17 views
  • Last reply by jayelbe


Subsequent to updating to Firefox 36, my firewall has been inundating me with requests to allow external connections from the Internet to my browser. Looking into this in more detail, Comodo Firewall is indicating that external Internet sites are trying to connect to Firefox, from port 53 to an arbitrary port on my machine.

If I disable the new FF36 option network.dns.get-ttl, this stops. I can't find any documentation or help on this option.

Why is Firefox doing this? Is Comodo incorrect when it labels this as an external attempt to connect? (It's normally been extremely good at differentiating between inbound & outbound traffic). I'm assuming that Firefox is trying to determine TTL for DNS caching, but it doesn't make sense why DNS servers are then trying to connect back to me.

I'm loath to create a firewall rule that states arbitrary connections from the Internet to my machine are OK as long as they originated on port 53, so advice on how to manage whatever this new feature is securely would be appreciated.

Thanks in advance for any assistance.


Chosen Solution

Hi grammarye,

Yep, you're right in thinking that Firefox is attempting to look up the TTL. This is new behaviour in Firefox 36 and was introduced because services with frequently changing DNS records (like Cloudflare) weren't working correctly for Firefox users.

Firefox makes asynchronous DNS lookups - meaning it will make a DNS request and then proceed to do other work instead of waiting for a response.

Your ISP's DNS server will only cache a domain's TTL for a short time, so if it doesn't have the current TTL, it will query with other DNS servers to find it.

IANAE, but presumably what's happening is thus:

  1. Firefox attempts to look up the DNS record for the domain you wish to connect to
  2. Your ISP's DNS server doesn't have the current TTL, so connects with other DNS servers to find it
  3. During the delay, Firefox busies itself with something else
  4. DNS server then reconnects to give you the full DNS record, including TTL
  5. Comodo sees the packets from the DNS server and panics

I completely agree that whitelisting arbitrary ports is a bad idea, but in this case the behaviour is completely innocuous.

You may wish to whitelist Firefox in your Comodo firewall, or continue to leave network.dns.get-ttl disabled.

(edited to fix broken links and add a sentence)

Read this answer in context 👍 0
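An added illustration (not code from the thread, from Mozilla, or from Comodo) of what the answer describes: the resolver's UDP reply comes from port 53 back to the ephemeral port the browser used, and a stateful check ties it to the outstanding query instead of treating it as an unsolicited inbound connection. The addresses, ports, transaction id and the example.com A record with TTL 300 are all constructed sample data.

```python
import struct
# Constructed sample: A query for example.com, txid 0x1234, recursion desired.
QUERY = (struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
         + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1))
# Constructed reply: same txid, one A record (192.0.2.1, TTL 300); the owner name
# is a compression pointer (0xC00C) back to the question name.
REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
         + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
         + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1]))

def read_name(msg, off):
    """Decode a DNS name, following RFC 1035 compression pointers."""
    parts, end = [], None
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:              # pointer: note where the field ends, then jump
            end = end if end is not None else off + 2
            off = ((n & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if n == 0:
            break
        parts.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(parts), (end if end is not None else off)

def parse_answers(msg):
    """Return (txid, [(name, ttl, rdata_bytes), ...]) from the answer section."""
    txid, _flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                   # skip the question section
        _, off = read_name(msg, off)
        off += 4                          # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        _rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        answers.append((name, ttl, msg[off + 10:off + 10 + rdlen]))
        off += 10 + rdlen
    return txid, answers

def expect_reply(pending, local, lport, resolver, query):
    """After sending `query` from local:lport to resolver:53, record the reply key."""
    pending.add((resolver, 53, local, lport, struct.unpack("!H", query[:2])[0]))
def classify(pending, src, sport, dst, dport, payload):
    """Stateful view: port-53 traffic is a reply only if an outstanding query matches."""
    key = (src, sport, dst, dport, struct.unpack("!H", payload[:2])[0])
    if key in pending:
        pending.discard(key)
        return "reply"
    return "unsolicited"
```

A firewall that only looks at the source port sees the same datagram as an inbound connection; the matching on resolver address, local port and transaction id is what distinguishes the expected reply from anything else arriving from port 53.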

All Replies (1)



Modified by jayelbe