[SAC] [support.osuosl.org #30012] AutoReply: Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)

OSL Systems Support Team via RT support at osuosl.org
Thu Mar 29 14:55:38 PDT 2018 

Greetings,

This message has been automatically generated in response to the
creation of a support ticket call:

        "Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)",

a summary of which appears below.

There is no need to reply to this message right now. Your ticket has been
 assigned an ID of [support.osuosl.org #30012]. Please include this string
in the subject line of all future correspondence about this issue.  You may
 also catch us on irc (irc.freenode.net) in #osuosl.



                        Thank you.
                        support at osuosl.org

-------------------------------------------------------------------------
Hello OSGeo,

We at the OSL have received a report indicating your project is running an open
DNS resolver at tracsvn.osgeo.osuosl.org (140.211.15.71).

Here's a copy of the report:
On Mon Mar 26 07:43:08 2018, abuse at nero.net wrote:
>Report: openresolvers
>
>Open DNS resolvers are used to generate an increasing number of
>extremely large DDoS attacks, without any need for infected hosts to
>participate. These resolvers may not be compromised, but are open to
>abuse by others and pose a threat to the global network infrastructure.
>Even if your DNS resolver is not performing recursive queries on behalf
>of non-customer clients, it can still be abused to participate in a
>DDoS. We strongly encourage you to filter these queries or configure
>your DNS resolver to either refuse or rate-limit its responses.
>
>* http://openresolverproject.org/
>* https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful
>
>
>event | ip | timestamp | details
>------------------+------------------+---------------------+------------------
>openresolvers | 140.211.15.71 | 2018-03-24 21:52:07 | responding ip= RCODE=0
recursion available=1
>------------------+------------------+---------------------+------------------

Information about securing open resolvers is available in links in the report.
Could you please remedy this?

I'm unsure if I can post to sac at lists.osgeo.org, so I also added an address
from past correspondence in our ticketing system.

Thanks!

More information about the Sac mailing list