@tfa did you get one of these, any idea what this is about/what to do?
We have received a security alert from the German Federal Office for Information Security (BSI).
Please see the original report included below for details.
Please investigate and solve the reported issue.
It is not required that you reply to either us or the BSI.
If the issue has been fixed successfully, you should not receive any further notifications.
Additional information is provided with the HOWTOs referenced in the report.
In case of further questions, please contact email@example.com and keep the ticket number of the original report [CB-Report#...] in the subject line. Do not reply to <firstname.lastname@example.org> as this is just the sender address for the reports and messages sent to this address will not be read.
Hetzner Online GmbH
91710 Gunzenhausen / Germany
Tel: +49 9831 5050
Fax: +49 9831 5053
Register Court: Registergericht Ansbach, HRB 6089
CEO: Martin Hetzner, Stephan Konvickova, Günther Müller
On 20 Mar 05:14, email@example.com wrote:
Dear Sir or Madam,
open DNS resolvers are abused for conducting DDoS reflection/
amplification attacks against third parties on a daily basis.
Affected systems on your network:
Format: ASN | IP | Timestamp (UTC)
24940 | xx.xx.xx.xx | 2019-03-19 01:06:37
We would like to ask you to check if the open resolvers identified
on your network are intentionally configured as such and appropriate
countermeasures preventing their abuse for DDoS attacks have been
If you have recently solved the issue but received this notification
again, please note the timestamp included below. You should not
receive any further notifications with timestamps after the issue
has been solved.
Additional information on this notification, advice on how to fix
reported issues and answers to frequently asked questions:
This message is digitally signed using PGP.
Information on the signature key is available at:
This is an automatically generated message. Replies to the
sender address <firstname.lastname@example.org> will NOT be read
but silently be discarded. In case of questions, please contact
<email@example.com> and keep the ticket number [CB-Report#...]
of this message in the subject line.
!! Please make sure to consult our HOWTOs and FAQ available at
!! <https://reports.cert-bund.de/en/> first.
Mit freundlichen Gren / Kind regards
Bundesamt fr Sicherheit in der Informationstechnik
Federal Office for Information Security (BSI)
Referat CK22 - CERT-Bund
Godesberger Allee 185-189, 53175 Bonn, Germany