[SAC] [support.osuosl.org #30012] AutoReply: Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)

Alex M tech_dev at wildintellect.com
Thu Mar 29 17:14:04 PDT 2018 

I assume this has something to do with how we 'fixed' DNS issues on
Trac. Sandro and Chris, can you figure out how to lock this down more?

Thanks,
Alex

On 03/29/2018 02:55 PM, OSL Systems Support Team via RT wrote:
> Greetings,
> 
> This message has been automatically generated in response to the
> creation of a support ticket call:
> 
>         "Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)",
> 
> a summary of which appears below.
> 
> There is no need to reply to this message right now. Your ticket has been
>  assigned an ID of [support.osuosl.org #30012]. Please include this string
> in the subject line of all future correspondence about this issue.  You may
>  also catch us on irc (irc.freenode.net) in #osuosl.
> 
> 
> 
>                         Thank you.
>                         support at osuosl.org
> 
> -------------------------------------------------------------------------
> Hello OSGeo,
> 
> We at the OSL have received a report indicating your project is running an open
> DNS resolver at tracsvn.osgeo.osuosl.org (140.211.15.71).
> 
> Here's a copy of the report:
> On Mon Mar 26 07:43:08 2018, abuse at nero.net wrote:
>> Report: openresolvers
>>
>> Open DNS resolvers are used to generate an increasing number of
>> extremely large DDoS attacks, without any need for infected hosts to
>> participate. These resolvers may not be compromised, but are open to
>> abuse by others and pose a threat to the global network infrastructure.
>> Even if your DNS resolver is not performing recursive queries on behalf
>> of non-customer clients, it can still be abused to participate in a
>> DDoS. We strongly encourage you to filter these queries or configure
>> your DNS resolver to either refuse or rate-limit its responses.
>>
>> * http://openresolverproject.org/
>> * https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful
>>
>>
>> event | ip | timestamp | details
>> ------------------+------------------+---------------------+------------------
>> openresolvers | 140.211.15.71 | 2018-03-24 21:52:07 | responding ip= RCODE=0
> recursion available=1
>> ------------------+------------------+---------------------+------------------
> 
> Information about securing open resolvers is available in links in the report.
> Could you please remedy this?
> 
> I'm unsure if I can post to sac at lists.osgeo.org, so I also added an address
> from past correspondence in our ticketing system.
> 
> Thanks!
> _______________________________________________
> Sac mailing list
> Sac at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/sac
>

More information about the Sac mailing list