[dns-operations] About open DNS resolvers
lyle at lcrcomputer.net
Mon Aug 20 21:03:03 UTC 2012
On 8/20/2012 12:12 PM, esolve esolve wrote:
> Hi, all:
> I'm interested in issues on open DNS resolvers. In the following
> It discusses how to probe open resolvers, but I have some questions
> 1 about the testing methodology, it needs to build a DNS server
> and check whether it receives queries. Why can we just use "dig
> @target_ip www.example.com <http://www.example.com>" and see whether we
> can get a result?
> 2 for testing whether a ip is open resolver, the page recommends
> to use the following command line:
> dig +short
> 22.214.171.124.dnsbl.openresolvers.org <http://126.96.36.199.dnsbl.openresolvers.org>
> I test many IPs from the link:
> , and I got null results, which means
> they are not open resolvers or they havn't been probed. for example,
> I tested 188.8.131.52 and got null result
> [usr at canard usr]$ dig
> +short 184.108.40.206.dnsbl.openresolvers.org
> [usr at canard usr]$
> But since I tested many ips and only got null results. Is my
> testing wrong or not?
> 3 I tried
> dig @220.127.116.11 <http://18.104.22.168> www.google.com
> and got no good results, but in the page, 22.214.171.124 is an open resolver
> 4 is there anybody who has a open resolver list? if so, can you
> send me a copy? I need them to do some tests, thanks!
You got things reversed.
in step 2, the open resolver is at 126.96.36.199, not 188.8.131.52. But you test
against an rbl using the reverse of the ip address.
If you run dig @184.108.40.206 www.google.com, you will find that it is indeed
an open resolver.
If you think 220.127.116.11 is an open resolver then the query to
LCR Computer Services, Inc.
More information about the dns-operations