Open DNS Issues

The main issue with open resolvers is that they pose a significant threat to the global network infrastructure. Because they respond to recursive queries from all hosts, they can be used in DDoS attacks.

If you manage a DNS server and your business requirements force you to allow open recursion, you can restrict replies to your internal or customer IP ranges with a simple configuration task. For more information, see http://www.team-cymru.org/Services/Resolvers/instructions.html

Also note that authoritative servers should not offer recursion, but they can still be used in an attack. To find out how to configure your authoritative DNS servers to use Response Rate Limiting, see http://www.redbarn.org/dns/ratelimits
