Solving open resolver | HunCERT group

The open resolver is a DNS resolver, which receives queries from every IP-address and is openly accessible on the internet. Open resolvers can be used by cybercriminals for DNS reinforcement attacks against 3rd parties, are sensitive to DNS-cache-poisoning, and can be exploited in the case of other DNS attacks.

For verifying DNS servers, we recommend the open resolver test page.

The easiest way to remedy the open resolver problem is to reduce the addresses on which the server can perform recursive queries to local sub-networks. The steps of the exact project vary based on which kind of DNS server we are using.

For more details, we suggest viewing the description of trasnip or the infoblox's related blog entry.

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.