Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsICT Policies and RegulationTime to name and shame open DNS resolvers?


600 posts

Ultimate Geek
+1 received by user: 5

Trusted

Topic # 115523 28-Mar-2013 15:01
Send private message

So, a 300Gbps DoS attack.  Biggest ever.  So big, it caused problems at the large interexchange points in tier one carriers.

For more information on the attack, CloudFlare has some excellent information. 

http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet

The HackerNews discussion also indicates that some ADSL modems forward DNS requests to the internal network through NAT, so you should check if your IP address is in the list of open resolvers if you're running a DNS server:

http://dns.measurement-factory.com/surveys/openresolvers.html

There are many NZ organisations on the list of open resolvers.  Perhaps we should think about naming and shaming them?

http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/latest.html




---
http://blog.jason.pollock.ca

Create new topic
Infrastructure Geek
4055 posts

Uber Geek
+1 received by user: 195

Trusted
Microsoft NZ
Subscriber

  Reply # 788813 28-Mar-2013 17:08
Send private message

according to the article I read (http://gizmodo.com/5992652/that-internet-war-apocalypse-is-a-lie), this not only did NOT break the internet, it barely even registered.

but back to the original reason for the post.... yeah, probably a good idea to fix the DNS problem this way. Its been around way too long now.




Technical Evangelist
Microsoft NZ
about.me/nzregs
Twitter: @nzregs



600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 788875 28-Mar-2013 18:56
Send private message

Nifty, I hadn't seen that article, only RadioNZ and the NYTimes.

Still, it's interesting to see some rather large names in NZ IT with their IP ranges listed in the open relay list.




---
http://blog.jason.pollock.ca

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software


600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 789155 29-Mar-2013 11:02
Send private message

More information. Looks like the IP addresses at some IX points were globally routable, which allowed them to be individually attacked.

http://cluepon.net/ras/gizmodo




---
http://blog.jason.pollock.ca

BDFL - Memuneh
60005 posts

Uber Geek
+1 received by user: 11106

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 789159 29-Mar-2013 11:05
Send private message

There's a discussion about this already including my reply that this whole thing was just a marketing exercise really.

This topic here seems to be about open DNS responders management, not about "the event".




Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | Backblaze cloud backup (personal and business)My technology disclosure  

 

You can support content creators (and Geekzone) by using the Brave browser.



600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 789305 29-Mar-2013 16:29
One person supports this post
Send private message

Yes, looking at the list in the research, there are a lot of organisations in NZ that should know better.  Hence, should we name and shame them?  I'm talking about orgs that aren't known as ISPs...




---
http://blog.jason.pollock.ca

Mad Scientist
18115 posts

Uber Geek
+1 received by user: 2269

Trusted
Lifetime subscriber

  Reply # 789321 29-Mar-2013 17:40
Send private message

erm ... someone needs to speak english :D

BDFL - Memuneh
60005 posts

Uber Geek
+1 received by user: 11106

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 789343 29-Mar-2013 18:47
Send private message

If you know of any open DNS responders that shouldn't be, let us know sure.




Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | Backblaze cloud backup (personal and business)My technology disclosure  

 

You can support content creators (and Geekzone) by using the Brave browser.



600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 789469 30-Mar-2013 00:07
Send private message

freitasm: If you know of any open DNS responders that shouldn't be, let us know sure.


http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/latest.html

"fgrep -i NZ latest.html" and then pruning out the obviously non-New Zealand organisations, produces

count |  asn   |                             name
26 | 9889 | MAXNET-NZ-AP Auckland
25 | 4770 | ASIAONLINENZ-AS-AP Asia Online New Zealand
20 | 4768 | CLIX-NZ TelstraClear Ltd
15 | 4648 | NZIX-2 Netgate
13 | 17746 | ORCONINTERNET-NZ-AP Orcon Internet
10 | 23655 | SNAP-NZ-AS Snap Internet Limited
7 | 9790 | CALLPLUS-NZ-AP CallPlus Services Limited
6 | 9431 | AKUNI-NZ The University of Auckland
5 | 17916 | CSC-IGN-AUNZ-AP Computer Sciences Corporation
2 | 9245 | COMPASS-NZ-AP COMPASS NZ
2 | 45459 | WEB-DRIVE-NZ-AS-AP Web Drive Limited
2 | 24347 | INTERGEN-WGTN-AS-NZ Intergen Limted. Internet Service Provid
2 | 4771 | NZTELECOM Netgate
2 | 9872 | ITNET-NZ-AS-AP ITNet Ltd
2 | 18021 | UNINET-AS-AP Unisys NZ, IT Outsourcer,
1 | 45215 | ONENET-AS-NZ OneNet Limited.
1 | 36962 | MTNZ-AS
1 | 45138 | CPIT-NZ-AS-AP Christchurch Polytechnic Institute
1 | 38477 | UNLEASH-AS-NZ-AP Unleash Computers Ltd,
1 | 17435 | WXC-AS-NZ WorldxChange
1 | 23934 | TURNSTONE-NZ-AS-AP Turnstone Technologies LTD NZ AS
1 | 24111 | NZWIRELESS-CO-NZ-AS-AP nzwireless LTD




---
http://blog.jason.pollock.ca



600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 789470 30-Mar-2013 00:08
Send private message

joker97: erm ... someone needs to speak english :D


DNS servers which are connected to the Internet should not allow arbitrary clients to perform recursive queries.  Basically, they shouldn't act as a general DNS server for the wider Internet.  If they do, they can be used in a DoS attack.

http://dns.measurement-factory.com/surveys/openresolvers.html




---
http://blog.jason.pollock.ca

526 posts

Ultimate Geek
+1 received by user: 50

Trusted
Internet by Design

  Reply # 789471 30-Mar-2013 00:33
Send private message

jpollock:
freitasm: If you know of any open DNS responders that shouldn't be, let us know sure.


http://dns.measurement-factory.com/surveys/openresolvers/ASN-reports/latest.html

"fgrep -i NZ latest.html" and then pruning out the obviously non-New Zealand organisations, produces

count |  asn   |                             name
26 | 9889 | MAXNET-NZ-AP Auckland
25 | 4770 | ASIAONLINENZ-AS-AP Asia Online New Zealand
20 | 4768 | CLIX-NZ TelstraClear Ltd
15 | 4648 | NZIX-2 Netgate
13 | 17746 | ORCONINTERNET-NZ-AP Orcon Internet
10 | 23655 | SNAP-NZ-AS Snap Internet Limited
7 | 9790 | CALLPLUS-NZ-AP CallPlus Services Limited
6 | 9431 | AKUNI-NZ The University of Auckland
5 | 17916 | CSC-IGN-AUNZ-AP Computer Sciences Corporation
2 | 9245 | COMPASS-NZ-AP COMPASS NZ
2 | 45459 | WEB-DRIVE-NZ-AS-AP Web Drive Limited
2 | 24347 | INTERGEN-WGTN-AS-NZ Intergen Limted. Internet Service Provid
2 | 4771 | NZTELECOM Netgate
2 | 9872 | ITNET-NZ-AS-AP ITNet Ltd
2 | 18021 | UNINET-AS-AP Unisys NZ, IT Outsourcer,
1 | 45215 | ONENET-AS-NZ OneNet Limited.
1 | 36962 | MTNZ-AS
1 | 45138 | CPIT-NZ-AS-AP Christchurch Polytechnic Institute
1 | 38477 | UNLEASH-AS-NZ-AP Unleash Computers Ltd,
1 | 17435 | WXC-AS-NZ WorldxChange
1 | 23934 | TURNSTONE-NZ-AS-AP Turnstone Technologies LTD NZ AS
1 | 24111 | NZWIRELESS-CO-NZ-AS-AP nzwireless LTD



The problem with most on those list is that they're service providers so it's entirely possible that it's their customers that have the open resolvers...




Ask me about Wordpress and Web Servers

 

 

 

Internet by Design

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38

Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55

How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08

How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15

iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13

Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11

111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50

Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41

Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29

Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22

Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18

Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47

Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25

New Zealand Adopts International Open Data Charter
Posted 3-Mar-2018 12:48

Shipments tumble as NZ phone upgrades slow
Posted 2-Mar-2018 11:48


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.