mDNSResponder automatically denied incoming connections

General discussions about Little Snitch
noraa
Posts: 3
Joined: Tue Jul 11, 2017 1:50 am

mDNSResponder automatically denied incoming connections

Postby noraa » Fri Jul 21, 2017 6:11 pm

With Little Snitch 4, I have received a number of popups informing me that Little Snitch has denied an incoming connection to mDNSResponder. The connections are from various IP addresses, usually coming from the local network. My question is, should I continue to deny these connections? As far as I know, mDNSResponder responds to DNS requests - thus if the connection is denied the request won't be able to be translated? As such, should mDNSResponder be allowed to accept all both incoming and outgoing connections?

thanks for you help all!

Xipper
Posts: 5
Joined: Sun Mar 15, 2015 1:30 am

Re: mDNSResponder automatically denied incoming connections

Postby Xipper » Thu Jul 27, 2017 8:04 pm

This is likely part of dynamic service discovery (Aka Bonjour) and perhaps neighbor discovery for IPv6. Services can announce themselves on the network with a broadcast packet, this may be detected by LS as an incoming connection to mDNSResponder as that is the service that registers and stores the info. This could be printers, other OS X computers, etc...many things announce their existence via this process.

ramblingpolak
Posts: 1
Joined: Wed Aug 09, 2017 6:30 pm

Re: mDNSResponder automatically denied incoming connections

Postby ramblingpolak » Wed Aug 09, 2017 6:31 pm

Any idea if there's a way to disable the annoying notification for mDNSResponder being blocked every minute without disabling all notifications?

user425890uhh
Posts: 1
Joined: Thu Sep 07, 2017 5:01 pm

Re: mDNSResponder automatically denied incoming connections

Postby user425890uhh » Thu Sep 07, 2017 5:03 pm

I'm seeing this as well. Currently getting a notification every 60-90 seconds. Even if I allow incoming connections to mDNSResponder it still seems to happen.

sammysmalls
Posts: 1
Joined: Wed Sep 13, 2017 4:20 pm

Re: mDNSResponder automatically denied incoming connections

Postby sammysmalls » Wed Sep 13, 2017 5:09 pm

+1. A real annoyance, especially when in shared environments (Cafe/shared office etc).

Actually +10. Please provide a method for silencing alerts.

bugmenot
Posts: 12
Joined: Tue Mar 05, 2013 12:44 pm

Re: mDNSResponder automatically denied incoming connections

Postby bugmenot » Fri Sep 15, 2017 10:54 am

it seems little snitch does not detect the IPv6 link-local addresses as local network.
also it should detect a IPv6 global temporary dynamic address (that contains mac-address but not used for public connections) out of the ISP assigned prefix as local address or as a new group that can be select to block such.
maybe I haven't found, but it would be great to have more IPv6 protocol related options for creating rules.
I assume as obdev is located in Vienna they might be able to test and verify by using an IPv6 product from one of the local ISP's there,...


Return to “Little Snitch General”

Who is online

Users browsing this forum: No registered users and 5 guests