There are a number of open resolvers that are that way by design (i.e. Google), but most of them are there by misconfiguration, having a small number (say < 100) of well-known open resolvers in the world is not a problem, having > 1 million probably is
Mike -----Original Message----- From: Harry Hoffman [mailto:hhoff...@ip-solutions.net] Sent: 25 March 2013 14:46 To: nanog@nanog.org Subject: Re: Open Resolver Problems What are those who provide open resolvers, such as google, doing to combat the problem? It would be nice to be able to provide open resolvers as a service and combat the various threats associated with them. Cheers, Harry On 03/25/2013 10:22 AM, Jared Mauch wrote: > All, > > Open resolvers pose a security threat. I wanted to let everyone know about a search tool that can help you find the ones within your organization. Treat it like a big "BETA" stamp is across it, but please try it out and see if you can close down any hosts within your network. > > This threat is larger than the SMURF amplification attacks in the past and can result in some quite large attacks. I've seen this spilling out into other mailing lists (e.g.: juniper-nap and others). > > Please send feedback about links that should be included or documentation and spelling errors to me. > > openresolverproject.org > > Some basic stats: > > 27 million resolvers existed as of this dataset collection > > only 2.1 million of them were "closed". > > We have a lot to do to close the hosts, please do what you can to help. > > Thanks, > > - Jared > >
