Hi esolve.<br><br>I have good news for you ;-)<br><br>1. Try this service to check DNS servers: <b> <a href="http://porttest.dns-oarc.net">porttest.dns-oarc.net</a></b><br>You can check if it's an open resolver and get the "backend" IP.<br>

Example:<br>dig @<a href="http://208.67.222.222">208.67.222.222</a> <a href="http://porttest.dns-oarc.net">porttest.dns-oarc.net</a> txt<br><br>; <<>> DiG 9.7.3 <<>> @<a href="http://208.67.222.222">208.67.222.222</a> <a href="http://porttest.dns-oarc.net">porttest.dns-oarc.net</a> txt<br>

; (1 server found)<br>;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56520<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>

;<a href="http://porttest.dns-oarc.net">porttest.dns-oarc.net</a>.         IN      TXT<br><br>;; ANSWER SECTION:<br><a href="http://porttest.dns-oarc.net">porttest.dns-oarc.net</a>.  60      IN      CNAME   <a href="http://porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net">porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net</a>.<br>

<a href="http://porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net">porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net</a>. 60 IN TXT "<b>208.69.35.15</b> is GREAT: 26 queries in 3.8 seconds from 26 ports with std dev 18197"<br>

<br>;; Query time: 4209 msec<br>;; SERVER: 208.67.222.222#53(208.67.222.222)<br>;; WHEN: Tue Aug 21 02:32:54 2012<br>;; MSG SIZE  rcvd: 209<br><br>This means that the server 208.67.222.222 is an open resolver and use resolve the query using another IP addr. <br>

<br>2.Do you need an IP addr list? You'll like this:<b> <a href="http://www.chaz6.com/files/resolv.conf">http://www.chaz6.com/files/resolv.conf</a><br></b><br>Would you like to read some about DNS? OpenEmmiter? DNS Proxy?<br>

<br><ul><li>Malware distribution using DNS servers: <a href="http://www.slideshare.net/rootedcon/francisco-jess-gmez-carlos-juan-diaz-cloud-malware-distribution-dns-will-be-your-friend-rootedcon-2011">http://www.slideshare.net/rootedcon/francisco-jess-gmez-carlos-juan-diaz-cloud-malware-distribution-dns-will-be-your-friend-rootedcon-2011</a></li>

<li>DNS Servers as botnet cover channel: <a href="http://www.slideshare.net/ffranz/rootedcon2012-dns-a-botnet-dialect-carlos-diaz-francisco-j-gomez">http://www.slideshare.net/ffranz/rootedcon2012-dns-a-botnet-dialect-carlos-diaz-francisco-j-gomez</a></li>

<li>OpenNIC tier2 (openresolvers) survey: <a href="http://www.iniqua.com/2011/06/28/opennic-tier2-servers-minimal-survey/?lang=en">http://www.iniqua.com/2011/06/28/opennic-tier2-servers-minimal-survey/?lang=en</a></li></ul>

<br>Finally, if you are developing some service DNS related and need help, please count on me.<br clear="all">-<br><i>@</i><i>ffranz</i> (cc) 2012<br>
<br><br><div class="gmail_quote">On Mon, Aug 20, 2012 at 7:12 PM, esolve esolve <span dir="ltr"><<a href="mailto:esolvepolito@gmail.com" target="_blank">esolvepolito@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">


Hi, all:<br><br>       I'm interested in issues on open DNS resolvers. In the following page, <br>          <span><a href="http://dns.measurement-factory.com/surveys/openresolvers.html" target="_blank">http://dns.measurement-factory.com/surveys/openresolvers.html</a></span><br>



<br>      It discusses how to probe open resolvers, but I have some questions<br><br>      1
 about the testing methodology, it needs to build a DNS server and check
 whether it receives queries. Why can we just use "dig @target_ip <span><a href="http://www.example.com" target="_blank">www.example.com</a></span>" and see whether we can get a result?<br>
<br>      2 for testing whether a ip is open resolver, the page recommends to use the following command line:<br>                               dig +short <a href="http://2.2.2.4.dnsbl.openresolvers.org" target="_blank">2.2.2.4.dnsbl.openresolvers.org</a>  <br>



         <br>         I test many IPs from the link: <span><a href="http://www.petercooper.co.uk/list-of-public-dns-servers-you-can-use-40.html" target="_blank">http://www.petercooper.co.uk/list-of-public-dns-servers-you-can-use-40.html</a></span> , and I got null results, which means<br>



 they are not open resolvers or they havn't been probed.  for example, I tested 67.138.54.100 and got null result<br><br>                                             [usr@canard usr]$ dig +short <a href="http://67.138.54.100.dnsbl.openresolvers.org" target="_blank">67.138.54.100.dnsbl.openresolvers.org</a><br>



                                             [usr@canard usr]$ <br>  <br>          But since I tested many ips and only got null results. Is my testing wrong or not?<br><br>     3 I tried <br>                           dig @<a href="http://2.2.2.4" target="_blank">2.2.2.4</a> <span><a href="http://www.google.com" target="_blank">www.google.com</a></span><br>



        
and got no good results, but in the page, 2.2.2.4 is an open resolver<br><br>     4 is there anybody who has a open resolver list?  if so, can you send me a copy? I need them to do some tests, thanks!
<br>_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations%0Adns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations<br>
dns-jobs</a> mailing list<br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-jobs</a><br></blockquote></div><br>