75
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
m (→What is an Open DNS Resolver?: minor cleanup) |
m (update clueless to control) |
||
(17 intermediate revisions by 3 users not shown) | |||
==What is an
Every day, each time we use DNS to look up names and IPs on the Internet -
AAISP customers normally use the AAISP DNS servers, or often their own router.
<center>
{| class="wikitable"
!colspan="2"|DNS
|-
|[[File:Opendns1.png|300px|DNS attack]]
</center>
In the past having an open resolver on a router wasn't a problem, and there are many many routers which leave DNS open in their default state
This is often referred to as a 'DNS
==What if I run a DNS server on purpose?==
It is quite legitimate for people to run DNS servers on their network, and we are happy for them to do so - in these cases access to them should be restricted or limited.
If you run an authoritative DNS server, configure it only to return records for your domain.
If you run a caching resolver, configure it to only return records for your users (firewall to only allow your users), and consider implementing rate-limiting.
You can disable our automatic scanning, see [[#Disabling Automatic Scans]] below.
=How to prevent this?=
See the pages below for details on specific routers
=Automatic and Manual Testing for
There is a page on the AAISP control pages that lists your IPs that have an open DNS server running, and can also re-scan your IP blocks (IPv4). AAISP will re-scan automatically every
Log in to the [https://
==Disabling Automatic Scans==
On a per IP block basis you can disable our regular scans. From the Control Pages, click on the IP block and change the setting.
[[File:DNS-Check-flag.png|border]]
You will still be able to run the checks manually.
▲Log in to the [https://clueless.aa.net.uk/ Control Pages], and then either click on one of your IPv4 addresses or a broadband line. On these pages you'll see a link to the open DNS page.
[[Category:
[[Category:DNS]]
[[Category:Diagnostic Tools]]
|
edits