Ok, hosting my own DNS server here. The reason I'm hosting it is because I also host a webserver here. I registered a domain name through NAMESECURE . I specified to NAMESECURE that I will be using my own DNS server and not theirs.
I have done the following on my win2k DNS server:
-removed file and print sharing
-only running DNS (nothing else. no IIS, no AD)
-disallowed zone transfers
-disallowed dynamic updates
Question: Should this DNS server be allowed to query root servers? I'm guessing it shouldnt? I added A records for the address of my webserver. That is all that is in the current forward lookup zone.
What else should I do to secure this box?
Thanks in advance