Open Resolver Problems

Mike Simkins mike.simkins at sungard.com
Mon Mar 25 14:58:00 UTC 2013


There are a number of open resolvers that are that way by design (i.e.
Google), but most of them are there by misconfiguration. Having a small
number (say < 100) of well-known open resolvers in the world is not a
problem; having > 1 million probably is.

Mike
-----Original Message-----
From: Harry Hoffman [mailto:hhoffman at ip-solutions.net]
Sent: 25 March 2013 14:46
To: nanog at nanog.org
Subject: Re: Open Resolver Problems

What are those who provide open resolvers, such as Google, doing to combat
the problem?

It would be nice to be able to provide open resolvers as a service and
combat the various threats associated with them.


Cheers,
Harry

On 03/25/2013 10:22 AM, Jared Mauch wrote:
> All,
>
> Open resolvers pose a security threat.  I wanted to let everyone know
> about a search tool that can help you find the ones within your
> organization. Treat it like a big "BETA" stamp is across it, but please
> try it out and see if you can close down any hosts within your network.
>
> This threat is larger than the SMURF amplification attacks in the past
> and can result in some quite large attacks.  I've seen this spilling out
> into other mailing lists (e.g.: juniper-nap and others).
>
> Please send feedback about links that should be included or
> documentation and spelling errors to me.
>
> openresolverproject.org
>
> Some basic stats:
>
> 27 million resolvers existed as of this dataset collection
>
> only 2.1 million of them were "closed".
>
> We have a lot to do to close the hosts; please do what you can to help.
>
> Thanks,
>
> - Jared
>
>



