Open DNS Resolver

Back To Online Support

You may be wondering what is an Open DNS Resolver and why did my ISP send me a notice about it?

Here are some FAQs which will give you a better understanding of what it is and how to resolve it.

FAQs:

What is an Open DNS Resolver?

It is an open DNS server that responds to DNS requests such as recursive DNS lookups for anyone on the Internet. I.E. Open DNS servers are used to help your own computer lookup everyday domains you use and return their IP addresses.

Do Open DNS Resolvers pose any threat?

Unfortunately yes, Open DNS Resolvers can pose a significant threat to the global network infrastructure by answering recursive queries for hosts outside of its scope.

Hackers have found Open DNS Resolvers useful in performing special types of DDOS attacks called 'DNS Amplification Attacks'

There are a few forms of attacks.

  1. A hacker sends a recursive DNS query with a spoofed from-ip-address in the IP packet header to some DNS server. The DNS server then sends a DNS response packet back, not to the hacker, but to the spoofed IP address. This DNS response packet may be many times larger than the DNS query packet, and this way the DNS server amplifies the traffic sent to the victim.
  2. "Brute force" - the username and passwords on routers are hacked and the user's DNS settings are pointed to corrupt DNS servers
  3. Malware (the least common)

When was my IP last tested?

Scans will happen throughout the day. IPs listed as Open DNS Resolvers will be rescanned every hour.

How do I get my IP de-listed?

IPs will be automatically delisted after the hourly scan no longer detects the Open DNS Resolver. Manual delisting is not an option

What is the longest time my IP will be listed?

IP addresses will be listed as long as they test as Open DNS Resolvers.

How do I know if I have an Open DNS Resolver?

Your Internet Service Provider would normally inform you if you have an Open DNS Resolver.

If you have your Internet connection with iSAT, we will send you a notification with steps on how to resolve it.

Another way to check if you have an iSAT Internet Connection is by doing a lookup via the following link: http://dns.lookup.bl.isdsl.net/username

This will take you to the following site:

Open DNS Resolver Lookup

Here you enter your Connection Username in the space provided and click Lookup. If you aren't listed, the following result will show.

Open DNS Resolver Lookup - Not Listed

If you are listed, it will tell you when it first occurred and when the last occurrence was. For Example:

"Username abc001-cn1@dsl-uc.isat.co.za was found on open dns resolver blacklist.

It was detected at 2014-03-24 06:31:50 (+/- 30 minutes) and last seen at 2014-04-03 14:05:23 (+/- 30 minutes) on 196.210.128.101

How do I resolve an Open DNS Resolver

  1. Ensure that all antivirus programs are up to date and run a scan.
  2. Ensure that you don't have static DNS settings in your router and that it is set to be detected automatically.
  3. What we have also found resolves the problem, is if you reset the router to factory defaults and re-enter in all the details into the router.
  4. If you have server(s) or a special network setup, it is advisable to get your network administrator to have a look at the security of the network.

Should you need assistance, please feel free to call us on 086 123 4728.

Regards,
The iSAT Team


Back to top