Menu
Reply
  • 101
  • 4
  • 7
Sheza
Up to speed
416 Views
Message 1 of 3
Flag for a moderator

Open DNS Resolver?

Hi all,

Due to Virgin's hub being rubbish, I recently bought a new router to use with the hub in modem mode.

Flash forward to today, I get a letter from Virgin saying they've detected an 'Open DNS Resolver' vulnerability. Given that the timing matches up very closely to the arrival of the new router, and I can't recall anything else changing on my network, I'm assuming this router is causing it.

The router is a WavLink AC Dual Band 1200 Mbps router. I would be most grateful if someone could tell me the sort of thing I need to have enabled in my router settings to disable this vulnerability, even if it's just vague advice for where to look as I haven't a clue. I set the router up with WPA2 security on both bands, beyond that I wasn't aware that anything else needed configuring. 

0 Kudos
Reply
  • 101
  • 4
  • 7
Sheza
Up to speed
374 Views
Message 2 of 3
Flag for a moderator

Re: Open DNS Resolver?

The router was rubbish anyway, so I replaced wit with a TPLink 1750Mbps one.

Turns out that router is so good that it even reduced latency spikes on my home (not contested) connection.
0 Kudos
Reply
  • 1.42K
  • 154
  • 456
Superuser
Superuser
360 Views
Message 3 of 3
Flag for a moderator

Re: Open DNS Resolver?

AFAIK, the letter is based on information provided by 2016-12-22-00.jpeg who search for publicly available recursive DNS servers that will send a reply to any IP address for domains that the DNS server is not authoritative for. You can read more about the Open Resolver Scanning Project and how to test your own devices however most get no further than reading because their OS does not provide the dig command. Thankfully Google provide a web-based equivalent of the dig command which you can try as follows:

  1. Use your favoured search engine to determine your public IP address with the search term “ip”, for example, in Bing.
  2. Go to Google's Dig command web page.
  3. In the Name field enter dnsscan.shadowserver.org
  4. In the Name server field enter the IP address returned by the search engine in step (1)
  5. If Looking up… returned 2016-12-22-01.jpegthen there is currently no device on your network that could account for the report from Shadowserver.
  6. If Looking up… returned an answer then you will need to investigate further to see which device on your network is providing the DNS service.