OpenDNS Checker: Difference between revisions
mNo edit summary |
mNo edit summary |
||
| Line 1: | Line 1: | ||
=Automatic and Manual Testing for Open Resolvers= |
=Automatic and Manual Testing for Open Resolvers= |
||
| ⚫ | There is a page on the AAISP control pages that lists your IPs that have an open DNS server running, and can also re-scan your IP blocks (IPv4). AAISP will re-scan automatically every so often and will alert customers by email if an open DNS resolver is found. Sorry, but we don't have enough time to scan IPv6 addresses |
||
On a monthly basis we scan customer IPv4 blocks to look for DNS servers; we will email if any are found to be open to possible abuse. There is no problem in customers running DNS servers but depending on its configuration it may be vulnerable to 'amplification attacks'. |
|||
| ⚫ | There is a page on the AAISP control pages that lists your IPs that have an open DNS server running, and can also re-scan your IP blocks (IPv4). AAISP will re-scan automatically every so often and will alert customers by email if an open DNS resolver is found. Sorry, but we don't have enough time to scan IPv6 addresses :-) |
||
{{CPbox|#either: a) click on one of your IPv4 addresses, and then click the 'View/run' link |
{{CPbox|#either: a) click on one of your IPv4 addresses, and then click the 'View/run' link |
||
| Line 6: | Line 10: | ||
#...follow the instructions from there}} |
#...follow the instructions from there}} |
||
You will be able run a scan there and then and also view historical results. |
|||
Log in to the [https://clueless.aa.net.uk/ Control Pages], and then either click on one of your IPv4 addresses or a broadband line. On these pages you'll see a link to the open DNS page. |
|||
==Disabling Automatic Scans== |
==Disabling Automatic Scans== |
||
Revision as of 09:13, 14 April 2015
Automatic and Manual Testing for Open Resolvers
On a monthly basis we scan customer IPv4 blocks to look for DNS servers; we will email if any are found to be open to possible abuse. There is no problem in customers running DNS servers but depending on its configuration it may be vulnerable to 'amplification attacks'.
There is a page on the AAISP control pages that lists your IPs that have an open DNS server running, and can also re-scan your IP blocks (IPv4). AAISP will re-scan automatically every so often and will alert customers by email if an open DNS resolver is found. Sorry, but we don't have enough time to scan IPv6 addresses :-)
Accessing This Feature
Access is via the Control Pages as follows:
- Log in to the Control Pages with your xxx@a login
- either: a) click on one of your IPv4 addresses, and then click the 'View/run' link
- or b) Click the 'DNS Resolvers' link on the left menu
- ...follow the instructions from there
You will be able run a scan there and then and also view historical results.
Disabling Automatic Scans
On a per IP block basis you can disable our regular scans. From the Control Pages, click on the IP block and change the setting.
You will still be able to run the checks manually.