Domain Name System
mystdeim, 2014-11-15 11:14:31

What is an open resolver?

There is a small VPS on Linode; the hoster sent the following letter:

It has come to our attention that your Linode is running an open resolver. This is a concern because this configuration means your Linode could be utilized in a DNS amplification attack. We kindly ask that you investigate this matter as soon as possible and take appropriate action.
If you are running a resolver as part of your networking configuration, you will likely want to adjust your configuration so that only authorized requests are accepted. If you are intentionally running an open resolver, please let us know why this is so, and what steps you are taking to mitigate abuse so we can note your account appropriately.
We would appreciate an update on this matter as soon as possible. If we do not hear from you in a timely manner we will be forced to take appropriate steps to ensure the integrity of our network.

Please tell me how to solve the problem.


3 answer(s)
Sergey Petrikov, 2014-11-15
@RicoX

Here is a description of the solution to your problem: blogerator.ru/page/dns-amplification-ddos-otrazhen... If you need not only a solution but also an understanding of what it is, read the first part of this article.

brutal_lobster, 2014-11-15
@brutal_lobster

This means that your server is running a DNS that accepts recursive requests from the Internet.
If you do not have any zone running on it, feel free to block incoming DNS with a firewall.
And limit recursive requests to certain addresses only.

throughtheether, 2014-11-15
@throughtheether

What is an open resolver?
In this context, a DNS server that answers recursive queries to any host. If a malicious host spoofs the source IP address and forms a request that has a significant response size, then it can generate (using your server) a significant amount of traffic to an arbitrary target. This is often used to carry out DDoS attacks (a technique called DNS Amplification).
Please tell me how to solve the problem.
Find a DNS server on your VPS. Then change its settings accordingly (example, another example) or deactivate it if it is not needed.
