posted Mar 18, 2013, 8:11 AM by Robert Wilcox
The Eaton County D-star repeaters are currently offline to the internet and will be that way until we can rebuild the gateway computer. Watch your gateways!! Here is the letter received by AT&T…
A host accessible from the Internet at IP address (number removed) from your Internet service has been recently used in at least one distributed denial of service attack (DDOS) against another organization on the Internet. This letter is intended to help you resolve this problem and protect your service.
These attacks have been facilitated through DNS amplification attacks. AT&T has detected these attacks and has confirmed that the IP address (Number removed) allocated to your Internet access account is accessible from the Internet as an open DNS resolver. An open DNS resolver allows users on the Internet to perform DNS requests on your server. At least one malicious actor has been found to abuse your DNS service to attack other Internet subscribers. This abuse presents additional load on your Internet access and your server, which could result in unreliable service.
An open DNS resolver is considered an insecure configuration and in the majority of cases, Internet subscribers should not operate an open DNS resolver. The open DNS resolver may be present due to a default operating system installation or system configuration issue. In some cases, we have found network devices such as home routers have flaws that expose DNS service to the Internet.
Although we do not believe you have any direct contribution to the attacks, the fact that others are facilitating attacks through the service you are hosting constitutes a violation of the AT&T Acceptable Use Policy. AT&T Network Security is requesting that you take actions to disable access to this DNS server from the Internet or to implement suitable controls to minimize or stop this abuse. If the DNS server at your IP address continues to be identified as a source of abuse, AT&T Network Security may be forced to block Internet activity to and from (Number removed) until the problem has been resolved.