[nsp-sec] New Daily Reports Category: Open Resolvers

Hank Nussbacher hank at efes.iucc.ac.il
Tue Jul 28 00:34:37 EDT 2009 

At 12:15 27/07/2009 -0400, Tim Wilde wrote:
>----------- nsp-security Confidential --------
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Greetings Everyone!
>
>As I mentioned at the top of the Daily Reports summary for this week
>(you do all read those, don't you? :)), Team Cymru has today publicly
>announced the Million Plus Open Resolver Challenge (or, more succinctly,
>the Open Resolvers project).  You can read more on the public web page
>about this project:
>
>         <http://www.team-cymru.org/Services/Resolvers/>
>
>The data from this project is also being automatically included in your
>NSP-SEC Daily Reports feeds, as a new category.

Didn't appear in this morning's ASN report feed.

Regards,
-Hank

>  You can find the
>category description page for this new category, named "openresolvers",
>here:
>
>         <https://www.cymru.com/nsp-sec/dailyreports/openresolvers.html>
>
>Please remember that the NSP-SEC section of our web site is secured with
>your NSP-SEC mailing list credentials, please see the mailing list
>interface on puck to reset your password if you do not know it.
>
>IMPORTANT NOTE: Unlike our other categories, the fact that a host is
>running an open resolver does not inherently mean it is "bad", so you
>may want to treat this category differently than the other data you are
>receiving from us.  Open resolvers are not necessarily an indication of
>compromise (though they can be), so the actions you take will depend
>upon your local policies.
>
>Open resolver scanning is performed once per week, at semi-random
>intervals, so you will not see reports in this category every day like
>our other reports.  I do not believe the probing for this week has run
>yet, so you should see data in this category at some time this week.  If
>you want to see example data, you can look for your ASN in the previous
>run from last week here:
>
><https://www.cymru.com/nsp-sec/dailyreports/openresolver/list/20090724/>
>
>Please note that the above link will only be good until around 0800 ET
>tomorrow, so you need to check it out today or wait for the live run
>later this week. :)  You'll receive e-mail notifications for this
>category as usual.
>
>As always, feedback is welcomed and greatly appreciated!  Feel free to
>follow up on-list, with me directly, or to the team at
>team-cymru at cymru.com.  Thanks for your support and assistance in the
>effort to keep the Internet clean!
>
>Best regards,
>Tim Wilde
>
>- --
>Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
>twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.9 (MingW32)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
>iEYEARECAAYFAkpt0pEACgkQluRbRini9tjHYACfWa6bTzfNFiQqRpyXE1fLmPOg
>1agAnj6OzgNNQVRfhkqYpOeBHs6+kJI9
>=Hd56
>-----END PGP SIGNATURE-----
>
>
>_______________________________________________
>nsp-security mailing list
>nsp-security at puck.nether.net
>https://puck.nether.net/mailman/listinfo/nsp-security
>
>Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
>community. Confidentiality is essential for effective Internet security 
>counter-measures.
>_______________________________________________

More information about the nsp-security mailing list