Due to Virgin's hub being rubbish, I recently bought a new router to use with the hub in modem mode.
Flash forward to today, I get a letter from Virgin saying they've detected an 'Open DNS Resolver' vulnerability. Given that the timing matches up very closely to the arrival of the new router, and I can't recall anything else changing on my network, I'm assuming this router is causing it.
The router is a WavLink AC Dual Band 1200 Mbps router. I would be most grateful if someone could tell me the sort of thing I need to have enabled in my router settings to disable this vulnerability, even if it's just vague advice for where to look as I haven't a clue. I set the router up with WPA2 security on both bands, beyond that I wasn't aware that anything else needed configuring.
AFAIK, the letter is based on information provided by who search for publicly available recursive DNS servers that will send a reply to any IP address for domains that the DNS server is not authoritative for. You can read more about the Open Resolver Scanning Project and how to test your own devices however most get no further than reading because their OS does not provide the dig command. Thankfully Google provide a web-based equivalent of the dig command which you can try as follows:
Use your favoured search engine to determine your public IP address with the search term “ip”, for example, in Bing.