closing open dns server

[hamper]

hi all,

i've a small problem with my dns server. I followed the directions here in closing my dns server so that it was no longer open. first I used the recursive no; and then found that does close the dns server but it also wont allow my box to be resolved when doing updates. thus the errors I've been getting from whm when doing my updates with cpanel. so I changed it to the {trusted} way. my problem is that whenever there is a update it manually changes my named.conf back to show the recursive no; instead of leaving it the new way. I think there is a command to stop it from overwriting it but i'm at a loss as to what it is.

can someone perhaps please tell me?

thanks....

 

[oulzac]

recursive no;
is not what you should have used, it should be:

recursion no;

That will work, thats what I use on all my box's

 

[hamper]

Thank you very much. but when I change it to that, and go back to WHM at the top where the security info is posted I'm back to getting this error.

a fatal error or timeout occurred while processing this directive]Unable to fetch Web Host Manager Security News. The News server may be down or unreachable

Which tells me that it again is no longer resolving properly.

 

[skyhorse]

There is *no* reason why you should use "recursion no" option, rather you should make lists of IP addresses where recursion is allowed... thats why your updates are not working and I'm surprised your Exim still does...

Have a look at Fixing Open DNS servers

 

[angelina_holy]

nano -w /etc/named.conf
Before the line that says “directory /var/named”; (it could be /var, /var/named, etc)

Put:

recursion no;

Save.

Make sure you can ping your account and google.com afterwards.

If not /etc/resolv.conf will need to be fixed.

Server’s IPs should NOT be in /etc/resolv.conf.
127.0.0.1 should NOT be in /etc/resolv.conf.
/etc/resolv.conf should contain the outgoing resolvers of the customers datacenter.

Ping these nameservers to find their IPs
To find what DC he’s in, as well as to find what nameservers the DC uses:
http://centralops.net/co/DomainDossier.aspx
Put in his IP or domain, and click “network whois record”

Open DNS recursion has been disabled on your server, effectively preventing your server from being used in a DDDoS attack. Foreign users will also no longer be allowed to query your DNS server, thus preventing excessive load on your dns servers.

 

[chirpy]

angelina_holy, please stop posting that advice. As has been pointed out in other threads you should not just set "recursion no" and remove IP's from /etc/resolv.conf - it's not the senseible way to disable the recursion issue unless you understand what you are doing.

 

[angelina_holy]

The rescurrion set to no worked for me .. Guess I was lucky
But seems that it is causing errors for other . so In addition to 127.0.0.1 that line should include all IPs on the server plus other IPs that you want to allow recursion


pico /etc/named.conf

options {
allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; };
};

Hope this helped a little

you will find a detail solution at

http://www.skyhorse.org/web-server-...panel-whm-version-10/fixing-open-dns-servers/