Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Open DNS Security Issue

Posted on 2014-02-25
3
Medium Priority
?
688 Views
Last Modified: 2014-03-12
Hi All!

We have been having an issue with our ISP (Roger's) shutting down our internet service for what they are saying is an "Open DNS" on our system.  This is a new one.  There's never been a problem before and the system has been in place for years.  We have Trend-Micro Worry Free Business and I have tried blocking port 53 for inbound, BUT, of course, then all client computers on the network cannot access the internet.  Also, it will interfere with Exchange access.  We have one server and a static IP service.

What I've tried:

 - Turned off Recursion: clients could no longer access web sites
- Blocked port 53 (Inbound) - In Trend Micro Firewall: clients couldn't access web sites
- Blocked Port 53 (outbound)  - In Trend Micro Firewall: Did not resolve security issue

*** Rgers gave us a web site to check the open DNS:              www.thinkbroadband.com/tools/dnscheck.html  

When port 53 is blocked in the Trend Micro this web check shows the DNS issue as resolved, however, when not blocked it shows a problem.

How can I resolve this issue and still allow clients to access the internet web pages?
0
Comment
Question by:mark-IT-2013
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 8

Assisted Solution

by:Mandeep Khalsa
Mandeep Khalsa earned 664 total points
ID: 39887835
Inbound port 53 being open is causing this problem for you. There is no need for you to keep that port open. There must be some setting that is not setup properly in Trend Micro Firewall but first thing you should do is turn off the inbound port 53.

You should have one internal DNS server at the very least and that server should be the only one to resolve all client queries. Check to make sure that your IP address of the DNS server is actually being used by the clients and not something else.
0
 
LVL 83

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 668 total points
ID: 39887889
stop inbound from the WAN but allow outbound from the lan
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 668 total points
ID: 39890178
Do you have a hardware router/firewall between your network and the internet? If so, that's where inbound port 53 needs to be blocked, not in Trend Micro on the DNS server. If you don't have one, follow David Johnson's advice: configure Trend Micro to allow traffic through to port 53 from the IP address range on your internal network but nowhere else (assuming Trend Micro can be configured this way).
0

Featured Post

WEBINAR - Latest Cyber Tips for Defense

Join the WatchGuard Threat Research Team on October 26th for an informative webinar featuring expert tips and tricks for defending your organization from today's latest cyber threats. Don't leave yourself vulnerable to attack. Register for the webinar today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question