
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Category:Open DNS Resolvers: Difference between revisions

The 'attack' in this sense is more about attacking somebody else on the Internet by using your DNS resolver. An attacker sends a DNS request to your router from a spoofed IP address, which is the IP address that the attacker wants to target. Your router then replies to the spoofed IP address with the DNS result. The DNS reply is larger than the request, and thus this is an 'amplification' attack. On its own one router won't make a difference, but when the same amplification attack is applied to many routers the aggregate reply traffic can become quite disruptive to the target!
 
<center>
{| class="wikitable"
!colspan="2"|DNS Amplification Attack
!By using multiple open servers, the attacker can bring the victim down
|}
</center>
 
In the past, having an open resolver on a router wasn't a problem, and many routers leave DNS open in their default state. However, this has been exploited, so it is best to disable this feature on routers.