nanog mailing list archives

RE: Open Resolver Problems


From: Mike Simkins <mike.simkins () sungard com>
Date: Mon, 25 Mar 2013 14:58:00 -0000

There are a number of open resolvers that are that way by design (i.e.
Google), but most of them are there by misconfiguration. Having a small
number (say < 100) of well-known open resolvers in the world is not a
problem; having > 1 million probably is.

Mike
-----Original Message-----
From: Harry Hoffman [mailto:hhoffman () ip-solutions net]
Sent: 25 March 2013 14:46
To: nanog () nanog org
Subject: Re: Open Resolver Problems

What are those who provide open resolvers, such as Google, doing to combat
the problem?

It would be nice to be able to provide open resolvers as a service and
combat the various threats associated with them.


Cheers,
Harry

On 03/25/2013 10:22 AM, Jared Mauch wrote:
All,

Open resolvers pose a security threat.  I wanted to let everyone know
about a search tool that can help you find the ones within your
organization. Treat it like a big "BETA" stamp is across it, but please
try it out and see if you can close down any hosts within your network.

This threat is larger than the SMURF amplification attacks in the past
and can result in some quite large attacks.  I've seen this spilling out
into other mailing lists (e.g.: juniper-nap and others).

Please send feedback about links that should be included or
documentation and spelling errors to me.

openresolverproject.org

Some basic stats:

27 million resolvers existed as of this dataset collection

only 2.1 million of them were "closed".

We have a lot to do to close the hosts; please do what you can to help.

Thanks,

- Jared



