OpenDNS Checker
Automatic and Manual Testing for Open Resolvers
On a monthly basis we scan customer IPv4 blocks to look for DNS servers; we will email if any are found to be open to possible abuse. There is no problem in customers running DNS servers but depending on its configuration it may be vulnerable to 'amplification attacks'.
There is a page on the AAISP control pages that lists your IPs that have an open DNS server running, and can also re-scan your IP blocks (IPv4). AAISP will re-scan automatically every so often and will alert customers by email if an open DNS resolver is found. Sorry, but we don't have enough time to scan IPv6 addresses :-)
Accessing This Feature
Access is via the Control Pages as follows:
- Log in to the Control Pages with your xxx@a login
- either: a) click on one of your IPv4 addresses, and then click the 'View/run' link
- or b) Click the 'DNS Resolvers' link on the left menu
- ...follow the instructions from there
You will be able run a scan there and then and also view historical results.
Disabling Automatic Scans
On a per IP block basis you can disable our regular scans. From the Control Pages, click on the IP block and change the setting.
You will still be able to run the checks manually.