DNS Problem Linked To DDoS Attacks Gets Worse

itwbennett writes "The percentage of devices on the Internet that are configured to accept DNS queries from anywhere — what networking experts call an 'open recursive' or 'open resolver' system — has jumped from around 50 percent in 2007 to nearly 80 percent this year, according to research sponsored by DNS appliance company Infoblox. As more consumers demand broadband Internet, service providers are rolling out modems configured this way to their customers, said Cricket Liu, vice president of architecture with Infoblox. Georgia Tech researcher David Dagon agreed that open recursive systems are on the rise, in part because of 'the increase in home network appliances that allow multiple computers on the Internet. ... Almost all ISPs distribute a home DSL/cable device. Many of the devices have built-in DNS servers. These can sometimes ship in "open by default" states.' What's worse, says Dagon, is that many of these devices do not include patches for a widely publicized DNS flaw discovered by researcher Dan Kaminsky last year."

Re:is this a problem

[RiotingPacifist]

1) If there is a flaw in the software, i can tell you DNS server that I slashdot is at 80.65.228.129 or that your bank resolves to my MITM attack site.
2) I can use up all of your routers resources and then you can't lookup any sites yourself

Re:Trying to make something from nothing.

[icebraining]

No, they're not, according to the summary: "devices on the Internet that are configured to accept DNS queries from anywhere", "Almost all ISPs distribute a home DSL/cable device. Many of the devices have built-in DNS servers. These can sometimes ship in "open by default" states.'

Just because yours is closed by default, doesn't mean all are.

Re:For starters

[TheRaven64]

Devices like this should only accept DNS requests from the local network (not from the Internet) and should, unless explicitly configured to perform recursive queries, forward them to the ISP's cache.