Open Recursive DNS server on a Netgear DG834

I recently recieved the following email from my ISP:

"It has been identified that your internet connection (my username) is acting as an open recursive DNS server. This means that your connection could contribute to a DDoS (Distributed Denial of Service) attack resulting in your and other people's connections becoming unusable.

The IP addresses of the affected devices are listed below:

      my ip address

At this point we are only informing you of a potential security vulnerability on your network. However, if we receive abuse reports about your connection contributing to a DoS/DDoS attack, your connection may be suspended until such time that this security hole is closed.

What is an open recursive DNS server?

An open recursive DNS (Domain Name System) server basically means there is something connected to your xDSL line that is responding to DNS queries from anywhere on the Internet. This device could be a router, computer, DNS server, etc.

Why is this a Problem?

As DNS queries usually use UDP (User Datagram Protocol), the source address can be spoofed, meaning that somebody can submit a request which does not go back to them but actually goes to a different location on the Internet. Also, as DNS requests are relatively small and the replies sent back are larger, someone on a single ADSL connection with an upload of 256 kbps could quite easily make someone else's 1000 kbps ADSL unusable because the latter is being saturated by the spoofed packets being sent to them.

What should you do about it?

If you have a DNS server on your network, make sure that it will only serve up DNS to local and/or known sources. If you have no such server, then we require you to run a full virus scan of all machines connected to the IP listed above.

If no viruses are found, then there is something else on your network that is acting as an open recursive DNS server. This could be a device you are unaware of, in which case we recommend you contact your network administrator in order to deal with the problem.

The other possible cause is your xDSL modem/router. If all other avenues have been tried, we advise referring to your hardware user manual to see if the DNS server can be turned off or locked down to local addresses. If there is no mention of a DNS server in the manual, we suggest contacting your hardware manufacturer or supplier for further help in resolving this problem.

Please note xxx technical support are unable to help secure DNS servers, if you have an unsecured DNS server please contact your network administrator for help in doing so."

Can anybody tell me what I need to change in the config of my 834 to comply with what my ISP wants??
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lotsa discussion on various forums about this. With Netgear it seems to be a firmware issue and you should upgrade to the latest version.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
metamaticAuthor Commented:
Spot on. Upgraded my firmware and the problem is sorted. Many thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.