[162006] in North American Network Operators' Group
Re: Open Resolver Problems
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sun Mar 31 23:17:37 2013
To: Jimmy Hess <mysidia@gmail.com>
In-Reply-To: Your message of "Sun, 31 Mar 2013 16:09:35 -0500."
<CAAAwwbVHfGYN824_R_zeiYbRU9aFytG=zbmiQjnz1h19agbGLg@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Sun, 31 Mar 2013 23:16:20 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1364786179_1766P
Content-Type: text/plain; charset=us-ascii
On Sun, 31 Mar 2013 16:09:35 -0500, Jimmy Hess said:
> On 3/29/13, Scott Noel-Hemming <frogstarr78@gmail.com> wrote:
> >> Some of us have both publicly-facing authoritative DNS, and inward
> >> facing recursive servers that may be open resolvers but can't be
> >> found via NS entries (so the IP addresses of those aren't exactly
> >> publicly available info).
> > Sounds like your making the faulty assumption that an attacker would use
> > normal means to find your servers.
>
> A distributed scan of the entire IPv4 <SNIP>
Stop right there.
Anybody who is looking at this as an IPv4 issue is woefully misinformed
about the nature of the problem.
--==_Exmh_1364786179_1766P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBUVj8AwdmEQWDXROgAQL5yw//VY5boiK0cmGR8lQd2+mXgcp8qNeVfIHp
/hCzCm+OSkckpXmO84j43cSP7TKtWRiDxu2Lrr1P9RVLuKJuLYXs/fVD0pxP7VdD
dhSzJFR1N3PTeBbVLvhL+1LLGWWMo9teqUjjAx7g7nbZXs2aoVti5aYO5/FbypXY
znZBBwZMTA35VfPOMmUGEdZosvQTCnIEHnf/w9+UE3rWcEjokx2Do8kBvaSMl1ei
M0v8+AUuH4WeTCBD/TXntOauejQr4Xd583HRQlivJmY4NY0RANEGsWxm2lDLOQ7m
gEDxeI5h+UmGvggf6tRlyxrKE02B2l5NHf4XpOBvTngMYwTFtcaJQy1GwKhwU+q7
XhBwLKADwWccolCQh6hcn4XaYeGCCdMwzhUAPoxK0MC8SocGKDf4hfK62TeS8ajA
yBQp1wf+4RLI+ZkxN/omGLPLSdz2EcTPJN5nEQcaCCA2knmqCuWvu28dOjtA0wyw
2rNjw8WLSgtQR1HClK6Qy/u9NBVL+gGFMGy5/kofUH6H+ydZCSxyuQE9YKNfebLa
GTmc1/AEeWx3XreF1RmbvIvuiWuP5CVMaRfy0ktsgcshfvloawKhBxYp4VejBSPb
hK+f25UudFXefo2Iy392Y3JLYJOgWA99lQQ4LRGaAGosclZBQzSWtLFM/hJri/IZ
VFna/jysHoc=
=PoIo
-----END PGP SIGNATURE-----
--==_Exmh_1364786179_1766P--
