[161690] in North American Network Operators' Group


Re: Open Resolver Problems

daemon@ATHENA.MIT.EDU (Nick Hilliard)
Mon Mar 25 12:14:36 2013

X-Envelope-To: nanog@nanog.org
Date: Mon, 25 Mar 2013 16:14:17 +0000
From: Nick Hilliard <nick@foobar.org>
To: Mattias Ahnberg <mattias@ahnberg.pp.se>
In-Reply-To: <5150732D.3090507@ahnberg.pp.se>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 25/03/2013 15:54, Mattias Ahnberg wrote:
> A list of 27 million open resolvers would be a pretty convenient input for
> miscreants who want to abuse them, I believe? I assume Jared & co doesn't
> want their collected work to be abused like that.

http://nmap.org/nsedoc/scripts/dns-recursion.html
http://monkey.org/~provos/dnsscan/

There are 224*2^24 possible unicast hosts, and a whole pile less which are
routed on the DFZ.

I don't think that we can pretend that it's going to help if we hide this
information under a stone and hope that people who are inclined to launch
DNS DDoS attacks are dumb enough not to be able to figure out how to use
these tools.

Highlighting the situation and getting operators to do something will help
fix the problem.

Nick


