Solved

Open Source DNS Virtual Appliance

Posted on 2013-12-05
2
4,194 Views
Last Modified: 2013-12-07
We would like to deploy a public facing DNS server in our DMZ.  All of our DMZ servers reside on a VMware 5 host.  I was wondering if there are any open source DNS servers with web interfaces that come pre-assembled on a hardened Linux appliance.  I'm basically looking for an OVF template that I can deploy on our VMware host and then browse to it to configure it.  I don't know enough about Linux to properly deploy a secure DNS server from scratch and I don't really want to pay for Windows Server 2008 R2 licenses just for DNS.
0
Comment
Question by:CIPortAuthority
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39699558
Hmmmmm.... tough question -
This is one of those questions where there is no right answer and whatever is said, people will say that is the worst answer.
There is no good or bad Linux distribution - just osme do things better than others.

First of all - there is no distribution that is ready built just as a DNS server.  I guess this job is too small.  Linux does so much - people would be thinking why limit it to do just that.
Almost any distribution will allow you to install a DNS service like BIND  (or will come with it already installed).

There will then be people who shudder at the idea of configuring your server over GUI or web interface when it is in the DMZ.  What if there is a security hole and someone redirects your web services to their server ?
One option here would be to have two servers.  One inside your closed down firewall which you can configure with a web page - and this then feeds out to one outside.
Another idea would be to have the server in a slightly more secure location so it is firewalled off and ONLY the ports needed for DNS would be allowed through - the rest could come from inside your firewall and allow more access to config etc.

Pick a Linux distribution - look for one that has a secure server setup.
When you have that install a GUI config like WEBMIN and then get the ports opened on the firewall to allow it to work.

You should also have a backup DNS out on the internet.  There are free ones or pay ones - depending on what you want / need it to do.

Good luck :)
0
 

Author Closing Comment

by:CIPortAuthority
ID: 39703009
Sorry for taking so long to reply but I was waiting to see if there would be any other comments.

Thanks for the helpful information!
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
Teach the user how to use configure the vCenter Server storage filters Open vSphere Web Client:  Navigate to vCenter Server Advanced Settings: Add the four vCenter Server storage filters: Review the advanced settings: Modify the values of the four v…
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question