[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Resolver Problems

Subject: Open Resolver Problems
From: hhoffman at ip-solutions.net (Harry Hoffman)
Date: Mon, 25 Mar 2013 10:45:43 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

What are those who provide open resolvers, such as google, doing to
combat the problem?

It would be nice to be able to provide open resolvers as a service and
combat the various threats associated with them.


Cheers,
Harry

On 03/25/2013 10:22 AM, Jared Mauch wrote:
> All,
> 
> Open resolvers pose a security threat.  I wanted to let everyone know about a search tool that can help you find the ones within your organization. Treat it like a big "BETA" stamp is across it, but please try it out and see if you can close down any hosts within your network.
> 
> This threat is larger than the SMURF amplification attacks in the past and can result in some quite large attacks.  I've seen this spilling out into other mailing lists (e.g.: juniper-nap and others).
> 
> Please send feedback about links that should be included or documentation and spelling errors to me.
> 
> openresolverproject.org
> 
> Some basic stats:
> 
> 27 million resolvers existed as of this dataset collection
> 
> only 2.1 million of them were "closed".
> 
> We have a lot to do to close the hosts, please do what you can to help.
> 
> Thanks,
> 
> - Jared
> 
>

Follow-Ups:
- Open Resolver Problems
  - From: jared at puck.nether.net (Jared Mauch)
- Open Resolver Problems
  - From: mike.simkins at sungard.com (Mike Simkins)
- Open Resolver Problems
  - From: damian at google.com (Damian Menscher)

References:
- Open Resolver Problems
  - From: jared at puck.nether.net (Jared Mauch)

Prev by Date: Open Resolver Problems
Next by Date: Open Resolver Problems
Previous by thread: Open Resolver Problems
Next by thread: Open Resolver Problems
Index(es):
- Date
- Thread