Category:Open DNS Resolvers: Difference between revisions

From AAISP Support Site
No edit summary
Line 5: Line 5:


It is quite common for DSL routers to respond to these DNS requests on the WAN side as well as the LAN - this means that other people on the Internet can use your router to do their DNS look ups. It also means that 'attackers' can take advantage of this and use your router to attack someone else. This will use up bandwidth on your line.
It is quite common for DSL routers to respond to these DNS requests on the WAN side as well as the LAN - this means that other people on the Internet can use your router to do their DNS look ups. It also means that 'attackers' can take advantage of this and use your router to attack someone else. This will use up bandwidth on your line.

In the past having an open resolver on a router wasn't a problem, and there are many many routers which leave DNS open in their default state, however, this has been exploited and so it is best to disable this feature on routers.


This is often referred to as 'DNS Amplification Attacks'.
This is often referred to as 'DNS Amplification Attacks'.
Line 13: Line 15:




=How to Fix Routers?=






Revision as of 11:40, 18 Haziran 2013

What is an Open DNS Resolver?

Every day, all the time we all use DNS to look up names on the Internet - ie, when you put bbc.co.uk in your browser, your computer needs to look up the IP address of the BBC's web server. To do this it will use DNS. The DNS server will respond back to your computer with the information.

AAISP customers normally use the AAISP DNS servers, or often their own router.

It is quite common for DSL routers to respond to these DNS requests on the WAN side as well as the LAN - this means that other people on the Internet can use your router to do their DNS look ups. It also means that 'attackers' can take advantage of this and use your router to attack someone else. This will use up bandwidth on your line.

In the past having an open resolver on a router wasn't a problem, and there are many many routers which leave DNS open in their default state, however, this has been exploited and so it is best to disable this feature on routers.

This is often referred to as 'DNS Amplification Attacks'.

Fixing Routers

See the pages below for details on specific routers


How to Fix Routers?