CARVIEW

MOTORHOMES

Select Language

HTTP/2 301 date: Sun, 13 Jul 2025 18:27:42 GMT content-type: text/html; charset=iso-8859-1 location: https://openresolverproject.org/ server: cloudflare host-header: 6b7412fb82ca5edfd0917e3957f05d89 x-proxy-cache: MISS x-proxy-cache-info: 0301 NC:000000 UP: cf-cache-status: DYNAMIC nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jB1GcYYGzI8Ag8oPERImszyGiBlmDZQS67IaAw2EQ5HXME8sH2NSakwMshO15ZCM0QGcwnulDP56I2A4WDSAvEyGN3pz6RRQg0om4et522Bbnz7%2BoaRafYRuxA%3D%3D"}]} cf-ray: 95ead5fd4f930ff2-BOM alt-svc: h3=":443"; ma=86400 HTTP/2 200 date: Sun, 13 Jul 2025 18:27:43 GMT content-type: text/html; charset=UTF-8 server: cloudflare vary: Accept-Encoding x-cache-enabled: True link: ; rel="https://api.w.org/" link: ; rel="alternate"; title="JSON"; type="application/json" link: ; rel=shortlink x-httpd-modphp: 1 host-header: 8441280b0c35cbc1147f8ba998a563a7 x-proxy-cache: HIT report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ehaUmsfaS7elhoyDXblWZVi470DXoDIysBPCpAjxKJlm5UVOJoG1eToRAPsOHvymIDotsZxVxMjwQuuMRslaAEzMbfnpA7xyzko6J9dwnnP5C5ZMkADL"}]} cf-cache-status: DYNAMIC nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding: gzip cf-ray: 95ead6007d823d1e-BOM alt-svc: h3=":443"; ma=86400 Open Resolver Project | Mapping Open DNS Resolvers to Prevent

Open Resolver Project

Open Resolvers pose a significant threat to the global network infrastructure by answering recursive queries for hosts outside of its domain. They are utilized in DNS Amplification attacks and pose a similar threat as those from Smurf attacks commonly seen in the late 1990s.

We have collected a list of 32 million resolvers that respond to queries in some fashion. 28 million of these pose a significant threat (as of 27-OCT-2013). Detailed History and Breakdown

Check my IP space

ipv4-heatmap of 20130519 data heatmap archive

What can I do?

If you operate a DNS server, please check the settings.

Recursive servers should be restricted to your enterprise or customer IP ranges to prevent abuse. Directions on securing BIND and Microsoft nameservers can be found on the Team CYMRU Website - If you operate BIND, you can deploy the TCP-ANY patch

Authoritative servers should not offer recursion, but can still be used in an attack. Configure your Authoritative DNS servers to use DNS RRL [Response Rate Limiting] Knot DNS and NLNetLabs NSD include this as a standard option now. BIND requires a patch.

CPE DEVICES SHOULD NOT listen for DNS packets on the WAN interface, including NETWORK and BROADCAST addresses.

Prevent spoofing on your network!

Configure Source Address Validation/uRPF/BCP-38 on all CPE and Datacenter equipment edges that have fixed IP ranges. This could be as simple as setting ip verify unicast source reachable-via rx on a router interface. Any staticly routed customer should receive this setting by default.

If you are in the security community:

Please contact dns-scan /at/ puck.nether.net for access to raw data.

Additional Information

Informações em Português

We can provide you a List of Open Resolvers by ASN if you e-mail dns-scan /at/ puck.nether.net

Test your IP Now!

DNS DDoS and Security in the News

04-APR-2013 Spamhaus DDoS was just a warning shot

30-MAR-2013 How the Cyberattack on Spamhaus Unfolded

28-MAR-2013 Is Your DNS Server part of a criminal conspiracy?

20-MAR-2013 75Gb/s DDoS against Cloudflare

Presentations:

DNS-OARC May 2013 - slides

NANOG 58 June 2013 - Lightning Talk

Original Source | Taken Source