[SATLUG] open DNS Resolver

Brad Knowles brad at shub-internet.org
Mon Apr 13 13:47:59 CDT 2009


on 4/13/09 1:26 PM, Leif Johnson said:

> I've managed DNS for my school district for some time, but never 
> considered myself an expert. Now I have a complaint that I'm running an 
> "open DNS resolver" Can someone point me to a guide that can help me 
> secure this a bit?

Fortunately, this is one of my areas of specialty.  I was railing 
against Caching Open Recursive Nameservers (CORNs) back in 2002, as one 
part of my invited talk I did at LISA that year (see 
<http://www.shub-internet.org/brad/papers/dnscomparison/>).

A quick search turned up more recent articles at 
<http://www.kb.cert.org/vuls/id/800113>, 
<http://www.us-cert.gov/reading_room/DNS-recursion033006.pdf>, and 
<http://www.seoconsultants.com/tools/dns/recursion/>.

-- 
Brad Knowles
<brad at shub-internet.org>        If you like Jazz/R&B guitar, check out
LinkedIn Profile:                 my friend bigsbytracks on YouTube at
<http://tinyurl.com/y8kpxu>    http://preview.tinyurl.com/bigsbytracks


More information about the SATLUG mailing list