Select Page

How to secure DNS server

How to secure DNS server

 

DNS is the basis of most internet applications – emails, messengers, web site browsing, etc. But we often tend to miss out the presence of this extensively used service. As a result, server administrators overlook the vulnerabilities in dns service and hackers easily exploit this aspect.

The security of a server includes securing all its server software and application software, file system, network and physical security. We’ve already covered the entire list in our previous post. Today, we’ll take a more focused look at how to secure dns server.

Read more at : How to secure a server

 

How to secure dns server

1. Protect server information

Every server software has a version number associated with it. Attackers can easily identify the DNS server version from a simple DNS lookup information and easily find the vulnerabilities of that version and attack the DNS server.

Hiding the software version information increases the effort a hacker would have to put, in order to attack the DNS server. This would make the attack a hard thing to do and thus help to protect the DNS server.

2. Limit recursive queries

A DNS server that handles recursive queries forwards the DNS queries to other DNS servers, if they don’t have the records with them. Too many recursive queries can hog the server memory.

An open DNS server accepts queries from everyone, which can lead to malicious users querying the DNS server. This often leads to risks such as DOS attacks and Cache poisoning.

DOS attacks cause network traffic to be clogged by sending too many requests to the DNS server, making it unresponsive. In cache poisoning, attackers send specific queries to DNS server and gains control over server traffic.

 

How to configure firewall in linux denial of service

Attackers send multiple queries simultaneously to the victim server.

 

One way which we can limit recursive queries is by configuring a closed DNS server, which accepts queries only from a trusted set of clients. We can also limit the number of clients that are served concurrently by the DNS server or turn off recursive queries.

Read: Fix for DOS vulnerability in DNS servers


Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.
MORE ABOUT BOBCARES