...
Any public DNS request that reaches Infoblox Platform and resolves to a private IP address could be a sign of a DNS rebinding attack. If the option Block DNS Rebinding attacks is enabled, Infoblox Platform will respond with "No Error - No Data" for such DNS requests, and Infoblox will remove the private IP addresses from the responses. This may result in a NODATA response if there are no other records included in the response.Informed the SA about “private-ip” which does not have a Threat Class assigned and the
Note: When the "Block DNS Rebinding Attacks" option
...
Logging "Private-IP" in Security Activity Reports
Please note the following regarding "Private-IP" in Security Activity reports:
...
"Private-IP" does not have a threat class assigned to it in the Security Activity report.
...
is enabled in a security policy and it blocks a DNS response with a private IP, the security log in the Infoblox Security Activity report will mark the query as being blocked by the threat feed "private-ip", threat class "Policy," and threat property "Rebind" and action "Redirect".