[Driftstörning] Re: Block DNS servers on WiFi (eduroam & NOMAD) [ChalmersIRT #87979] #1497093@chalmers.se

[Gunnar Lindberg]

Early bird.
Change performed.

	Gunnar Lindberg, Chalmers IRT, ITS Nät/CDG & cth-nic

>From Gunnar.Lindberg at chalmers.se Thu Mar  6 08:09:47 2014
>Date: Thu, 6 Mar 2014 08:09:45 +0100
>Message-ID: <201403060709.s2679jHk022254 at stats2.cdg.chalmers.se>
>From: Gunnar Lindberg <Gunnar.Lindberg at chalmers.se>
>To: <driftstorning at lists.chalmers.se>
>Subject: Block DNS servers on WiFi (eduroam & NOMAD) [ChalmersIRT #87979] #1497093 at chalmers.se
>CC: <abuse at chalmers.se>, <cth-nic at chalmers.se>

>Thu 2014-03-13 c:a 08:00

>We will block access to DNS servers located on eduroam & NOMAD WiFi
>network.

>Expected impact of this change is none or negligible.

>No such servers are expected to be on eduroam or NOMAD WiFi net;
>regardless we get numerous reports about misconfigured DNS servers.
>They can be used for DDoS attacks. The owners doesn't even seem to
>know about them, let alone what to do to fix them. Hosts on eduroam
>or NOMAD WiFi net does not need to run a DNS server that the entire
>Internet can talk to. Therefore we have now blocked Internet access
>to that kind of service on eduroam & NOMAD WiFi net.

>It is still possible to run a Cache Only DNS server on the hosts,
>and use it locally from the host itself.

>Technical details: We have blocked 53/udp traffic to hosts on the
>eduroam or NOMAD WiFi net(*).

>	Gunnar Lindberg, Chalmers IRT

>Ref(*)
>    Use your favorite search tool for [DNS Amplification Attacks].