Websterz Technology Blog

Free tutorials, Tech News, Source codes, Tweaks and Tips.

You Are Here

DNS Troubleshooting

How to secure DNS server

one Comments

In this quick tutorial i will discuss how to secure your DNS server (Bind9), by applying the following techniques you will be able to increase your DNS server’s security from the recursion lookups.

  • First of all you should know your two ip addresses of DNS server’s, to do so just open the file/etc/nameserverips there you will get two DNS ips.

# tail /etc/nameserverips

  • Now you would need to open /etc/named.conf

# nano /etc/named.conf

  • Look up for the line :

options {

  • Add the following lines above that:

acl “trusted” {
x.x.x.x;
y.y.y.y;
};

  • Where x.x.x.x and y.y.y.y are your DNS server’s ips.
  • Now look for the line:
  • // query-source address * port 53;
  • Below it , insert the following line :

version “Bind”;
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };

  • This will disable DNS Recursion, Prevent zone transfers and notifications all restricted to you DNS only and not to outside queries.
  • Save the settings and restart your BIND:
# service named restart
  • You are done! you can check and ensure your settings from the following web sites:
    • www.pnigability.com
    • www.dnstools.com
Feedback are welcome 🙂
Spread the love

Related posts:

Default ThumbnailCheck your server for openDNS relay (DNS recursion) Scan your web site for Malwares and Malicious scripts ApacheEasyApache Error -Timeout on connect..Can’t use an undefined value as an ARRAY reference at /usr/local/cpanel/Cpanel/HttpRequest.pm line 550. How to deal with hackers for web server? Sym links solution
See also  Remove IPtables rules from rescue system

One thought on “How to secure DNS server

  1. Pingback: How do i secure my server ? « Websterz Web Solution

Leave a Reply

Your email address will not be published. Required fields are marked *