What Are Some Ways to Secure a DNS Server Against Attack?

DNS servers are vital to every network and must be protected against malicious users.

Domain Name System, DNS for short, is a hierarchical naming system that translates domain name addresses that humans understand into numerical language that computers understand. DNS then searches and finds the user's requested address. DNS servers are the heart of all networks and need to be protected against malicious and even accidental damage done by users. Configuring firewalls, forwarders, zone transfers and resolvers are a few ways to protect DNS servers.

Print this article

DNS Forwarders
- A DNS forwarder is a DNS server that performs queries for another DNS server and lessens traffic on the main DNS server. DNS forwarders can have much larger caches, which benefits the primary DNS server. A forwarder also prevents the primary DNS server from contacting servers outside the internal network. This is beneficial to the security of the DNS server and internal network.
Firewalls
- Firewalls are a security necessity that restricts unauthorized access to systems and networks, and are one of the strongest lines of defense against attacks from outside users. Firewalls are installed using software or are integrated by default into networking hardware such as routers. Firewalls can filter TCP/IP traffic, ports and protocols. Firewalls can be configured to be lenient or aggressive when accepting incoming traffic.
Disable Zone Transfers
- Zone transfers occur between the primary and secondary DNS servers. DNS zone files are created and updated by the primary server, and a read-only copy is sent to the secondary server. Disabling this is a must because malicious users can request the zone files on the primary server to be dumped. The attacker can then alter the naming schema and damage network infrastructures. Denying all zone transfers or only allowing specific servers halts these attacks.
DNS Resolvers
- A DNS resolver is a DNS server that resolves domain names without being an authoritative or primary server. A DNS resolver server's only job is to resolve host names for the end user. A resolver can be available for users within an internal network, for outside users, or both. It also lessens the load of authoritative and primary servers.

Photo Credit Thinkstock Images/Comstock/Getty Images

Comments

The Best Ways to Protect a Computer or Network Against Worms
The Best Ways to Protect a Computer or Network Against Worms. Worms are a type of computer malware designed to disrupt networks...
How to Secure a Wireless Network D-Link
If you have a D-link wireless network, your computer is susceptible to outside intruders unless you take preventive measures to prevent intrusion....
How to Secure a Data Network
Provide physical security: Lock the server room. This is the first and most obvious way to secure a data server. This keeps...
How to Setup a DNS Server
Computers and Internet networking equipment communicate with each other via numerical IP addresses, rather than domain names. In order to prevent Internet...
How to Remove Zlob DNS
Zlob.DNS, also referred to as Zlob.DNS Changer or Trojan.Win32.DNSChanger, is a Trojan that opens a security hole in your computer allowing additional...
Endpoint Firewall Rules
Endpoint Firewall Rules. According to the Federal Bureau of Investigation, a firewall is a necessity in protecting your computer and data. The...
What Is a DNS Server?
Websites are identified in computer systems by a series of numbers called IP (Internet Protocol) addresses. So that humans do not have...
How to Make Your Server More Secure by Changing the Port of Access
Server security is a major concern in today's computer environment. This system helps protect against losing vital business data, as well as...
How to Configure Multiple Domain Names to One Exchange Server
Microsoft Exchange Server is an enterprise level email host. You can host email by configuring your Domain Name System (DNS) with a...
How to Secure a Wireless Internet Connection
Though wireless networks provide increased mobility to users, data security is one of the key concerns. Data transmitted in a wireless network...
How to Protect Against a SYN Flood Attack
An SYN flood is a straightforward brute force attack on a network or computer. An attacker sends a stream of SYN packets...
How to Use DNS to Block Websites
A Domain Name System (DNS) is a server application that at a basic level tells the world how to access local servers....
Apple DNS Fix
Domain name servers (DNS) are used to associate Internet named addresses with numerical addresses, much in the same way that a phone...
How to Configure a Secure Wireless Network
Configuring a secure wireless network is not an overly complicated procedure. Even if you have little technical computer skill, or little experience...
What Are the Communication Styles Within a Team?
Recognizing your unique team communication style and the communication styles of your team members will allow you to function as best you...
How to Create a Web Redirect in DNS
DNS (Domain Name System) is the system that enables you to control how your domain functions on the web. A "redirect" is...
Hardware Firewall Vs. Software Firewall
Firewalls come in two basic types: hardware based and software based. Both types of firewalls are important and play a major role...

What Are Some Ways to Secure a DNS Server Against Attack?

Other People Are Reading

DNS Forwarders

Firewalls

Disable Zone Transfers

DNS Resolvers

References

More Like This

Comments

You May Also Like

Related Ads

Kid-Approved iPad Apps by Mom.me

You May Like