Sabrin
asked on
Open DNS servers
hello,
when I go to this URL to see the reports of my name servers
http://dnsreport.com/tools/dnsreport.ch?domain=mydomain.com
I see the information bellow but I dont know how to fix it!
its running on centos v4.4
ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:
Server 1.2.3.4 reports that it will do recursive lookups. [test] See this page for info on closing open DNS servers.
when I go to this URL to see the reports of my name servers
http://dnsreport.com/tools/dnsreport.ch?domain=mydomain.com
I see the information bellow but I dont know how to fix it!
its running on centos v4.4
ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:
Server 1.2.3.4 reports that it will do recursive lookups. [test] See this page for info on closing open DNS servers.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
i got it!
restart named
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
include "/etc/bind/bind.conf.wp";
/**
* Options statement is now managed by WP and can be found in
* /etc/bind/options.conf.wp
*/
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
acl "trusted" {
myip1;myip2;127.0.0.1;
};
options {
directory "/var/named";
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };
dump-file "/var/named/data/cache_dum
statistics-file "/var/named/data/named_sta
};