[nsp-sec] 700K Open Resolver List
David Reader
david.reader at zeninternet.co.uk
Wed Apr 15 12:33:19 EDT 2009
ack 13037
concur with Dave F. - the list for 13037 is nearly all DSL subs also.
d.
On Sat, 11 Apr 2009 01:12:15 +0100
"David Freedman" <david.freedman at uk.clara.net> wrote:
> ----------- nsp-security Confidential --------
>
> ack 8426 and 34313,
>
> notice that a number of DSL users on here which makes me think there is another piece of
> cheap CPE on the market with an open recursor again (groan)
>
> Will do some digging when back in the office next week
>
> Dave.
>
>
> ------------------------------------------------
> David Freedman
> Group Network Engineering
> Claranet Limited
> http://www.clara.net
>
>
>
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net on behalf of Eli Dart
> Sent: Sat 4/11/2009 01:09
> To: Stephen Gill
> Cc: NSP-SEC List
> Subject: Re: [nsp-sec] 700K Open Resolver List
>
> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ack 291,292,3152
>
> --eli
>
>
> Stephen Gill wrote:
> > ----------- nsp-security Confidential --------
> >
> > Hi Team,
> >
> > I took a somewhat restrictive view of the pcaps we have and parsed out about
> > 700K open resolvers used in the latest DNS amplifier attack across ~10K
> > ASNs. I believe there were closer to 1 Million total.
> >
> > You can find the data split up by ASN here:
> >
> > https://www.cymru.com/nsp-sec/Owned/recursive3/
> >
> > ASNs affected:
> >
> > https://www.cymru.com/nsp-sec/Owned/recursive3/asns.txt
> >
> > Please do not download the entire list and only fetch the ones you have
> > control or influence over.
> >
> > Comments/questions welcome & have a great weekend!
> >
> > Cheers,
> > -- steve
> >
>
> - --
> Eli Dart NOC: (510) 486-7600
> ESnet Network Engineering Group (800) 333-7638
> Lawrence Berkeley National Laboratory
> PGP Key fingerprint = C970 F8D3 CFDD 8FFF 5486 343A 2D31 4478 5F82 B2B3
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAknf38sACgkQLTFEeF+CsrNZyQCcD7luRuw3+WqQkFBcaoWuWcHR
> ZVwAoMgpLzEc8Vh8wJVlVvBGsjZE9tHx
> =YO3X
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list