DNS Worry

**zodiac** · 09-11-2006 05:36 PM

I get this message when I query my name using dnsreport

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:
Server xxx.xxx.xxx.xxx reports that it will do recursive lookups.

the XXX is my IP Address, just removed it to be safe for the ticket.

Is there a way I can secure my DNS better
thank you

**rhenderson** · 09-15-2006 12:51 PM

Originally Posted by zodiac

I get this message when I query my name using dnsreport

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:
Server xxx.xxx.xxx.xxx reports that it will do recursive lookups.

the XXX is my IP Address, just removed it to be safe for the ticket.

Is there a way I can secure my DNS better
thank you

I assume you got that error via dnsreport.com and there is a link there that shows you how to edit named.conf to fix it. I would put it here but I do not remember it exactly but I do remember it has something to do with recursion.

**hikaro** · 09-15-2006 01:17 PM

check this link
http://www.webhostgear.com/321_print.html

**skyhorse** · 10-04-2006 06:41 AM

if you do a search for "open dns" in this forum you'll find loads of threads about this...
have a quick look at Fixing open DNS servers as well, it might help...
always remember to backup your named.conf before any changes!

sky

**Manuel_accu** · 10-06-2006 02:06 AM

It is related to open DNS server and that reponnds to recursive queries for anyone which may lead to DDos attack using open DNS server.

Fixing Open BIND DNS server: (source: dnsreport.com)

* Open named.conf with a text editor
* Use a line "recursion no;" in the "options" clause (or in the "view" clause)
* If you need to enable recursion for your local network, you can use a "allow-recursion { ADD_LIST_OF_YOUR_IP_RANGES_HERE; }" line in the "options" section.

If you are not sure for above step, check the below mentioned URL for easy gude:

http://forums.linuxwebadmin.info/ind...opic,49.0.html

Thanks,

LinkBack

Thread Tools

DNS Worry

CentOS Scare - Don't Worry !

Should i worry about this mail.

To worry or not to worry?

should i worry about /scripts ?

Should I worry about imap connections from an unknown IP?