Using OpenDNS has revealed some unusual activity on my network.
A lot of DNS requests for some dodgy looking domains.
Looks like a DNS amplification attack, read up on it here.
Turns out the DNS resolver is open to the Internet. Fix this in the dnsmasq config by setting it to listen on the LAN interface only.
root@voyage:/etc/network/if-up.d# remountrw root@voyage:/etc/network/if-up.d# vi /etc/dnsmasq.conf # If you want dnsmasq to listen for DHCP and DNS requests only on # specified interfaces (and the loopback) give the name of the # interface (eg eth0) here. # Repeat the line for more than one interface. interface=br0
root@voyage:/etc/network/if-up.d# /etc/init.d/dnsmasq restart
Check it using this site: