closing open dns server

Discussion in 'Bind / DNS / Nameserver Issues' started by hamper, Jul 17, 2006.

  1. hamper

    Hi all,

    I've a small problem with my DNS server. I followed the directions here in closing my DNS server so that it was no longer open. First I used the recursive no; and then found that does close the DNS server, but it also won't allow my box to be resolved when doing updates. Thus the errors I've been getting from WHM when doing my updates with cPanel. So I changed it to the {trusted} way. My problem is that whenever there is an update it manually changes my named.conf back to show the recursive no; instead of leaving it the new way. I think there is a command to stop it from overwriting it but I'm at a loss as to what it is.

    Can someone perhaps please tell me?

    Thanks....
     
  2. oulzac

    recursive no;
    is not what you should have used, it should be:

    recursion no;

    That will work, that's what I use on all my boxes :cool:
     
  3. hamper

    Thank you very much. But when I change it to that, and go back to WHM at the top where the security info is posted, I'm back to getting this error.

    Which tells me that it again is no longer resolving properly.
     
    #3 hamper, Jul 17, 2006
    Last edited: Jul 17, 2006
  4. skyhorse

    There is *no* reason why you should use the "recursion no" option; rather, you should make lists of IP addresses where recursion is allowed... that's why your updates are not working and I'm surprised your Exim still does...

    Have a look at Fixing Open DNS servers
     
    #4 skyhorse, Oct 3, 2006
    Last edited: Oct 4, 2006
  5. angelina_holy

    nano -w /etc/named.conf
    Before the line that says “directory /var/named”; (it could be /var, /var/named, etc)

    Put:

    recursion no;

    Save.

    Make sure you can ping your account and google.com afterwards.

    If not /etc/resolv.conf will need to be fixed.

    Server’s IPs should NOT be in /etc/resolv.conf.
    127.0.0.1 should NOT be in /etc/resolv.conf.
    /etc/resolv.conf should contain the outgoing resolvers of the customer's datacenter.

    Ping these nameservers to find their IPs
    To find what DC he’s in, as well as to find what nameservers the DC uses:
    http://centralops.net/co/DomainDossier.aspx
    Put in his IP or domain, and click “network whois record”

    Open DNS recursion has been disabled on your server, effectively preventing your server from being used in a DDoS attack. Foreign users will also no longer be allowed to query your DNS server, thus preventing excessive load on your DNS servers.
     
  6. chirpy

    angelina_holy, please stop posting that advice. As has been pointed out in other threads, you should not just set "recursion no" and remove IPs from /etc/resolv.conf - it's not the sensible way to disable the recursion issue unless you understand what you are doing.
     
  7. angelina_holy

    The recursion set to no worked for me... Guess I was lucky.
    But it seems that it is causing errors for others. So in addition to 127.0.0.1, that line should include all IPs on the server plus other IPs that you want to allow recursion


    pico /etc/named.conf

    options {
    allow-recursion { 127.0.0.1; xxx.xxx.xxx.xxx; };
    };

    Hope this helped a little

    You will find a detailed solution at

    http://www.skyhorse.org/web-server-...panel-whm-version-10/fixing-open-dns-servers/
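
As an added example (not code from any poster in this thread or from cPanel), here is a small Python check that classifies the recursion setting in a named.conf along the lines the posts above distinguish: the mistyped `recursive no;`, the blanket `recursion no;`, and an `allow-recursion` list. The sample configs, addresses and function names are constructed for illustration, and the check assumes that a config with neither setting answers recursive queries for anyone, which is the situation the thread describes.

```python
import re

# Constructed sample named.conf fragments (not taken from any real server).
SAMPLES = {
    "default": 'options {\n    directory "/var/named";\n};\n',
    "typo": 'options {\n    recursive no;\n    directory "/var/named";\n};\n',
    "disabled": 'options {\n    recursion no;  // blanket off\n    directory "/var/named";\n};\n',
    "restricted": 'acl "trusted" { 127.0.0.1; 192.0.2.10; };\n'
                  'options {\n    allow-recursion { trusted; };\n};\n',
    "any": 'options { allow-recursion { any; }; };\n',
}

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # /* C style */
    return re.sub(r"(//|#)[^\n]*", "", text)            # // and # styles

def options_block(text):
    """Return the body of the top-level options { ... } block, or ''."""
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[m.end():i - 1]

def recursion_posture(conf):
    """Classify a named.conf as 'invalid', 'disabled', 'restricted' or 'open'."""
    opts = options_block(strip_comments(conf))
    if re.search(r"\brecursive\s", opts):
        return "invalid"      # 'recursive' is not a BIND option name
    # Look-behind keeps this from matching the tail of 'allow-recursion'.
    m = re.search(r"(?<![\w-])recursion\s+(\w+)\s*;", opts)
    if m and m.group(1).lower() in ("no", "false", "0"):
        return "disabled"     # also stops the box resolving through itself
    m = re.search(r"\ballow-recursion\s*\{([^}]*)\}", opts)
    if m:
        acl = [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]
        return "open" if "any" in acl else "restricted"
    return "open"             # assumption: no limit set means anyone may recurse

if __name__ == "__main__":
    for name, conf in SAMPLES.items():
        print(f"{name:<11} -> {recursion_posture(conf)}")
```

Running the same function against /etc/named.conf after each cPanel update is one way to notice when the file has been rewritten to a different setting.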
     