Hi all,
According to the German CERT-Bund Reports, DNS Open-resolvers can be abused for DDoS reflection attacks against third parties. They describe a simple test to discover if a server has this issue. One can execute the following command (replacing the IP with the server IP which we want to test)
An open resolver allowing recursive queries will return a response with status NOERROR, whereas an open resolver not allowing recursive queries will return a response with status REFUSED.
One of my servers, which uses Debian 12.5, has a DNS open resolver. However, I don't know how to avoid the open resolver. Some instructions say I should modify the BIND configuration. However, it seems BIND is not installed on the server:
How can I disallow recursive queries?
How can I disallow the open resolver? I think I don't need it.
According to the German CERT-Bund Reports, DNS Open-resolvers can be abused for DDoS reflection attacks against third parties. They describe a simple test to discover if a server has this issue. One can execute the following command (replacing the IP with the server IP which we want to test)
Code:
$ dig cert-bund.de @192.168.45.67One of my servers, which uses Debian 12.5, has a DNS open resolver. However, I don't know how to avoid the open resolver. Some instructions say I should modify the BIND configuration. However, it seems BIND is not installed on the server:
Code:
$ aptitude show bind9Package: bind9 Version: 1:9.18.24-1State: not installed...How can I disallow the open resolver? I think I don't need it.
Statistics: Posted by 818erm9x1 — 2024-03-17 19:56 — Replies 0 — Views 8