[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wed, May 15, 2013 at 4:26 PM, Gordon Henderson wrote:Do keep in mind that by default the site searches the /22 that your IP
> So use that site to check your own IP address
address belongs to. Which means that you get some information about
open resolvers on your network, which in most cases isn't very useful.
Add /32 to the IP address to make it search only you.
Running an open resolver means the machine can be used in a DNS
amplification (aka DNS reflection aka Smurf) attack: the attacker
sends a small request, from a forged address, that gives a known large
response. The response will be sent to the forged address. If the
attacker makes enough such requests, this becomes a DDoS attack on
said forged address.
It's been a big problem for quite some time.
Martijn.
--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq