There has been a lot of news about open DNS resolvers lately, especially in regards to the massive DDOS on Cloudflare/Spamhaus. It got me thinking about whether ISPs are taking this seriously and actively identifying open resolvers on their network. I can see a few open resolvers based on NZ ISPs and being that most NZ internet connections pay for the traffic used (i.e. not unlimited) means that customers could be up for large bandwidth charges if their connection is used in an attack.

Here's a list of networks and how many open resolvers they have (from http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/latest.html):

MAXNET-NZ-AP Auckland (AS9889) - 25
ASIAONLINENZ-AS-AP Asia Online New Zealand (AS4770) - 24
CLIX-NZ TelstraClear Ltd (AS4768) - 20
NZIX-2 Netgate (AS4648) - 15
ORCONINTERNET-NZ-AP Orcon Internet (AS17746) - 14
SNAP-NZ-AS Snap Internet Limited (AS23655) - 10
CALLPLUS-NZ-AP CallPlus Services Limited (AS9790) - 7
AKUNI-NZ The University of Auckland (AS9431) - 6
NZTELECOM Netgate (AS4771) - 2
UNINET-AS-AP Unisys NZ, IT Outsourcer, (AS18021) - 2
COMPASS-NZ-AP COMPASS NZ (AS9245) - 2
INTERGEN-WGTN-AS-NZ Intergen Limted. Internet Service Provid (AS24347) - 2
WEB-DRIVE-NZ-AS-AP Web Drive Limited (AS45459) - 2
ONENET-AS-NZ OneNet Limited (AS45215) - 1
CPIT-NZ-AS-AP Christchurch Polytechnic Institute (AS45138) - 1
TURNSTONE-NZ-AS-AP Turnstone Technologies LTD NZ AS (AS23934) - 1
NZWIRELESS-CO-NZ-AS-AP nzwireless LTD (AS24111) - 1
WXC-AS-NZ WorldxChange (AS17435) - 1
UNLEASH-AS-NZ-AP Unleash Computers Ltd, (AS38477) - 1

I would imagine most of these are misconfigured servers in colocation/cloud, but some might be broadband connections. So NZ ISPs, what are you doing about this?