This Taxonomy definiton refers to systems which are connected to the Internet on a public IP address and have one of the following properties:
- they are open for abuse (for example open recursive DNS resolvers or open NTP servers with monlist). While these examples usually are not vulnerable to being hacked per se they MAY be mis-used in order to facilitate attacks against other networks. See also rDDoS.
- they may be legitimate systems but not protected with a password (example: VNC server without authentication).
- they are running outdated software which is known to be vulnerable for certain attacks.
In all of these cases, CERT.at recommends that you inspect the named systems and take appropriate actions.