All,
Open resolvers pose a security threat. I wanted to let everyone know about a search tool that can help you find the ones within your organization. Treat it like a big "BETA" stamp is across it, but please
There are a number of open resolvers that are that way by design (i.e. Google), but most of them are there by misconfiguration, having a small number (say < 100) of well-known open resolvers in the world is not a problem, having > 1 million probably is Mike -----Original Message----- From: Harry Hoffman [mailto:hhoffman@ip-solutions.net] Sent: 25 March 2013 14:46 To: nanog@nanog.org Subject: Re: Open Resolver Problems What are those who provide open resolvers, such as google, doing to combat the problem? It would be nice to be able to provide open resolvers as a service and combat the various threats associated with them. Cheers, Harry On 03/25/2013 10:22 AM, Jared Mauch wrote: try it out and see if you can close down any hosts within your network.
This threat is larger than the SMURF amplification attacks in the past
and can result in some quite large attacks. I've seen this spilling out into other mailing lists (e.g.: juniper-nap and others).
Please send feedback about links that should be included or
documentation and spelling errors to me.
openresolverproject.org
Some basic stats:
27 million resolvers existed as of this dataset collection
only 2.1 million of them were "closed".
We have a lot to do to close the hosts, please do what you can to help.
Thanks,
- Jared