HS110 making over 300,000 DNS lookups per day

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

HS110 making over 300,000 DNS lookups per day

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
HS110 making over 300,000 DNS lookups per day
HS110 making over 300,000 DNS lookups per day
2018-09-03 18:30:00
Model :

Hardware Version :

Firmware Version :

ISP :

Whoops, accidentally posted this originally under Smart Bulb.

I recently bought 4 Tp-Link HS110 smart plugs and noticed that they are making a HUGE number of DNS lookup calls - 300,000+ per day to aps1-api.tplinkra.com which does not exist. Do you know why and what I can do about it?
  0      
  0      
#1
Options
3 Reply
Re:HS110 making over 300,000 DNS lookups per day
2018-09-10 10:18:30
Have you seen the list further down this page:

https://sites.google.com/site/mppsuite/why

I installed some of these HS110 devices in my house on the weekend, and am rapidly getting really concerned that TP-Link are totally negligent in respect of security considerations.

I asked TP-link support for a list of IPs that need to be whitelisted for the smart plug and they didn't understand the question!


I'm looking at setting up the application/server mentioned in the link above - seems like the most sensible thing to do. Way more work than I had wanted to do for a few smart plugs though.

In the mean time, at least they are going on the guest network - thank goodness our home router supports that out of the box.
  0  
  0  
#2
Options
Re:HS110 making over 300,000 DNS lookups per day
2018-09-10 13:43:07
It's interesting that a couple of years ago there was an IOT device driven DDOS onto DNS servers:

https://www.bbc.com/news/technology-37738823

I wonder if our smart plugs are still trying to do that attack??
  0  
  0  
#3
Options
Re:HS110 making over 300,000 DNS lookups per day
2018-09-11 07:57:32
I got around this by installing pi-hole in my network and pointing the modem to it as a DNS server. Then I added " aps1-api.tplinkra.com" to the blocklist. Once it was getting blocked rather than unknown responses it stopped trying every second and the traffic volume became more acceptable. I might log all of the traffic it's sending to see what else is going on.
  0  
  0  
#4
Options