Dark_Matter, Posted March 7, 2006

I've been using various tools to test out many domain names' nameservers to see if they were OPEN/RECURSIVE, and my findings are bad. I tested about 400 various domain names for these open nameservers, and at least 90% of the ones I tested were recursive.

What does this mean? It means that anyone can query a recursive nameserver for domains it's not authoritative for. If a bad guy wanted, he/she could use these open nameservers as a Denial of Service tool, and more. Then you also have to worry about cache poisoning; the list goes on.

I mainly write this for those who run their own DNS, to make sure you do not have open nameservers, and if you do, to close them. If you run BIND you can easily close them by adding this line to either your named.conf or named.conf.options in /etc/bind/:

allow-recursion { localnets; };

This line tells BIND to only act recursively for systems that are part of the same logical subnet as the BIND server. For Microsoft-based DNS servers there is usually only an on/off option for recursion, which makes it harder to fix than for BIND.

Anyway, I hope this helps my fellow geeks. Later!
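Here is a fuller BIND 9 named.conf.options fragment that puts the open-resolver setting next to a restricted one. This is an added example, not part of the original post; the ACL name "trusted" and the 192.0.2.0/24 range are constructed placeholders, not values from the post.

```conf
// named.conf.options (BIND 9): open-resolver setting vs. restricted recursion.
// Added example, not from the original post. "trusted" and 192.0.2.0/24 are
// constructed placeholders; substitute the client networks you actually serve.

// WEAK: answers recursive queries from any source address (an open resolver).
// options {
//     recursion yes;
//     allow-recursion { any; };
// };

// RESTRICTED: recursion only for explicitly listed client networks.
acl "trusted" {
    localhost;
    localnets;        // every subnet attached to this server's own interfaces
    192.0.2.0/24;     // constructed example of an internal client range
};

options {
    recursion yes;
    allow-recursion { trusted; };     // who may ask this server to resolve third-party names
    allow-query-cache { trusted; };   // keep cached answers from being read by outsiders
    allow-query { any; };             // zones this server is authoritative for stay public
};

// If the server is authoritative only, turn recursion off entirely instead:
// options { recursion no; };
```

Two caveats on the post's one-liner: localnets matches every subnet the server has an address on, so on a host with a public interface it can be wider than intended, which is why the ACL above also names the ranges explicitly; and allow-recursion alone still lets outsiders read already-cached answers unless allow-query-cache is restricted too. After editing, run named-checkconf and rndc reload, then query the server from outside the allowed networks for a name it is not authoritative for: a correctly restricted server answers REFUSED rather than returning an answer with the "ra" flag.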