[161698] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Open Resolver Problems

daemon@ATHENA.MIT.EDU (Jay Ashworth)
Mon Mar 25 14:05:05 2013

Date: Mon, 25 Mar 2013 14:04:37 -0400 (EDT)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <1BCE4663-EEB4-44EB-997F-906B232F41A1@puck.nether.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

----- Original Message -----
> From: "Jared Mauch" <jared@puck.nether.net>

> Open resolvers pose a security threat.

Could you clarify, here, Jared?

Do "open DNS customer-resolver/recursive servers" *per se* cause a problem?

Or is it merely "customer zone servers which are misconfigured to recurse",
as has always been problematic?

That is: is this just a reminder we never closed the old hole, or 
notification of some new and much nastier hole?

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra@baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[161698] in North American Network Operators' Group

Re: Open Resolver Problems

daemon@ATHENA.MIT.EDU (Jay Ashworth)Mon Mar 25 14:05:05 2013

daemon@ATHENA.MIT.EDU (Jay Ashworth)
Mon Mar 25 14:05:05 2013