[SAC] [support.osuosl.org #30012] Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)
Travis Whitehead via RT
support at osuosl.org
Mon Apr 9 15:24:05 PDT 2018
Yep, tracsvn.osgeo.osuosl.org no longer appears to rsepond to my (external)
requests.
Thank you for the quick resolution!
On Mon Apr 09 15:00:01 2018, tech at wildintellect.com wrote:
> Yes, I believe we modified DNSmasq to only take local requests.
> https://trac.osgeo.org/osgeo/ticket/1693#comment:18
>
> On 04/09/2018 01:53 PM, Travis Whitehead via RT wrote:
> > Hello,
> >
> > Any progress/insight on this?
> >
> > Thank you!
> >
> > On Thu Mar 29 17:14:17 2018, tech at wildintellect.com wrote:
> >> I assume this has something to do with how we 'fixed' DNS issues on
> >> Trac. Sandro and Chris, can you figure out how to lock this down
> more?
> >>
> >> Thanks,
> >> Alex
> >>
> >> On 03/29/2018 02:55 PM, OSL Systems Support Team via RT wrote:
> >>> Greetings,
> >>>
> >>> This message has been automatically generated in response to the
> >>> creation of a support ticket call:
> >>>
> >>> "Open DNS Resolver at tracsvn.osgeo.osuosl.org
> >> (140.211.15.71)",
> >>>
> >>> a summary of which appears below.
> >>>
> >>> There is no need to reply to this message right now. Your ticket
> has
> >> been
> >>> assigned an ID of [support.osuosl.org #30012]. Please include this
> >> string
> >>> in the subject line of all future correspondence about this issue.
> >> You may
> >>> also catch us on irc (irc.freenode.net) in #osuosl.
> >>>
> >>>
> >>>
> >>> Thank you.
> >>> support at osuosl.org
> >>>
> >>>
> >>
> -------------------------------------------------------------------------
> >>> Hello OSGeo,
> >>>
> >>> We at the OSL have received a report indicating your project is
> >> running an open
> >>> DNS resolver at tracsvn.osgeo.osuosl.org (140.211.15.71).
> >>>
> >>> Here's a copy of the report:
> >>> On Mon Mar 26 07:43:08 2018, abuse at nero.net wrote:
> >>>> Report: openresolvers
> >>>>
> >>>> Open DNS resolvers are used to generate an increasing number of
> >>>> extremely large DDoS attacks, without any need for infected hosts
> >> to
> >>>> participate. These resolvers may not be compromised, but are open
> >> to
> >>>> abuse by others and pose a threat to the global network
> >> infrastructure.
> >>>> Even if your DNS resolver is not performing recursive queries on
> >> behalf
> >>>> of non-customer clients, it can still be abused to participate in
> a
> >>>> DDoS. We strongly encourage you to filter these queries or
> >> configure
> >>>> your DNS resolver to either refuse or rate-limit its responses.
> >>>>
> >>>> * http://openresolverproject.org/
> >>>> * https://www.dns-oarc.net/oarc/articles/upward-referrals-
> >> considered-harmful
> >>>>
> >>>>
> >>>> event | ip | timestamp | details
> >>>>
> >>
> >
>
------------------+------------------+---------------------+------------------
> >>>> openresolvers | 140.211.15.71 | 2018-03-24 21:52:07 | responding
> >> ip= RCODE=0
> >>> recursion available=1
> >>>>
> >>
> >
>
------------------+------------------+---------------------+------------------
> >>>
> >>> Information about securing open resolvers is available in links in
> >> the report.
> >>> Could you please remedy this?
> >>>
> >>> I'm unsure if I can post to sac at lists.osgeo.org, so I also added
> an
> >> address
> >>> from past correspondence in our ticketing system.
> >>>
> >>> Thanks!
> >>> _______________________________________________
> >>> Sac mailing list
> >>> Sac at lists.osgeo.org
> >>> https://lists.osgeo.org/mailman/listinfo/sac
> >>>
> >>
> >
> >
> > --
> > Travis Whitehead
> > Student Systems Engineer
> > Oregon State University | Open Source Lab
> >
>
--
Travis Whitehead
Student Systems Engineer
Oregon State University | Open Source Lab
More information about the Sac
mailing list