DNS IPv4 Open Resolvers Hosted on LACNIC-Managed Number Resources

Executive Summary

LACNIC CSIRT and CEDIA CSIRT conducted a study to identify open DNS servers associated with an IPv4 address in order to inform the members who were assigned these resources of the situation, suggest alternatives to correct the configuration of their servers, and try to significantly reduce the number of open resolvers in our region. In addition, various means of communication were used to asses their effectiveness.

Open resolvers represent a latent security risk for Internet infrastructure, as these are servers configured in such a way that they can be used to attack third-party infrastructure and carry out denial-of-service attacks.

As far back as March 2013, US-CERT issued TA13-088A,^[1] an alert that warns of the problem and proposes mitigation measures.

Article [+]

^[1] ‹https://us-cert.cisa.gov/ncas/alerts/TA13-088A›