[nsp-sec] New Daily Reports Category: Open Resolvers

Tim Wilde twilde at cymru.com
Mon Jul 27 12:15:13 EDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings Everyone!

As I mentioned at the top of the Daily Reports summary for this week
(you do all read those, don't you? :)), Team Cymru has today publicly
announced the Million Plus Open Resolver Challenge (or, more succinctly,
the Open Resolvers project).  You can read more on the public web page
about this project:

	<http://www.team-cymru.org/Services/Resolvers/>

The data from this project is also being automatically included in your
NSP-SEC Daily Reports feeds, as a new category.  You can find the
category description page for this new category, named "openresolvers",
here:

	<https://www.cymru.com/nsp-sec/dailyreports/openresolvers.html>

Please remember that the NSP-SEC section of our web site is secured with
your NSP-SEC mailing list credentials, please see the mailing list
interface on puck to reset your password if you do not know it.

IMPORTANT NOTE: Unlike our other categories, the fact that a host is
running an open resolver does not inherently mean it is "bad", so you
may want to treat this category differently than the other data you are
receiving from us.  Open resolvers are not necessarily an indication of
compromise (though they can be), so the actions you take will depend
upon your local policies.

Open resolver scanning is performed once per week, at semi-random
intervals, so you will not see reports in this category every day like
our other reports.  I do not believe the probing for this week has run
yet, so you should see data in this category at some time this week.  If
you want to see example data, you can look for your ASN in the previous
run from last week here:

<https://www.cymru.com/nsp-sec/dailyreports/openresolver/list/20090724/>

Please note that the above link will only be good until around 0800 ET
tomorrow, so you need to check it out today or wait for the live run
later this week. :)  You'll receive e-mail notifications for this
category as usual.

As always, feedback is welcomed and greatly appreciated!  Feel free to
follow up on-list, with me directly, or to the team at
team-cymru at cymru.com.  Thanks for your support and assistance in the
effort to keep the Internet clean!

Best regards,
Tim Wilde

- -- 
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpt0pEACgkQluRbRini9tjHYACfWa6bTzfNFiQqRpyXE1fLmPOg
1agAnj6OzgNNQVRfhkqYpOeBHs6+kJI9
=Hd56
-----END PGP SIGNATURE-----

More information about the nsp-security mailing list