DNS Security Basics

When configuring DNS for a network, there are several things an administrator can do to increase the security of the DNS servers. A DNS zone is the database containing the DNS records for a network. Every DNS zone needs a primary DNS server and at least one secondary DNS server. It is important that each of the DNS servers contains the most recent version of the zone; the process that accomplishes this is known as a zone transfer.

It is good security practice to restrict zone transfers to the IP addresses of the DNS servers in your own network. For example, on the primary DNS server, input the IP addresses of the secondary DNS server(s); the primary will then refuse zone transfer requests from DNS servers or clients outside of your own network. On the secondary DNS server(s), input the IP address of the primary DNS server; this will prevent them from accepting zone information from DNS servers outside of your own network.

For more details on this topic, go to DNSstuff.com.
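A way to audit both sides of that restriction, as an added example that is not from the original post: it assumes BIND `named.conf` syntax (the post names no server software) and runs over constructed zones with documentation-range addresses. The function names and sample zones are hypothetical.

```python
import re

# Constructed sample in BIND named.conf syntax (assumed; the post names no
# server software). Addresses come from the documentation ranges.
SAMPLE_CONF = '''
zone "example.com" { type master; file "db.example.com"; allow-transfer { 192.0.2.2; 192.0.2.3; }; };
zone "open.example" { type master; file "db.open"; allow-transfer { any; }; };
zone "unset.example" { type master; file "db.unset"; };
zone "stray.example" { type master; file "db.stray"; allow-transfer { 192.0.2.2; 203.0.113.50; }; };
zone "example.net" { type slave; file "db.example.net"; masters { 192.0.2.1; }; };
zone "badsrc.example" { type slave; file "db.badsrc"; masters { 198.51.100.9; }; };
'''

def zones(conf):
    """Yield (zone name, zone body), matching braces so nested lists survive."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def address_list(body, *keywords):
    """Return the entries of the first keyword { ...; } list found, else None."""
    for kw in keywords:
        m = re.search(r'\b%s\s*\{([^}]*)\}' % re.escape(kw), body)
        if m:
            return {a.strip() for a in m.group(1).split(";") if a.strip()}
    return None

def audit(conf, primary_ip, secondary_ips):
    """Return (zone, problem) pairs where transfers are not pinned to our servers."""
    findings = []
    for name, body in zones(conf):
        ztype = re.search(r'\btype\s+(\w+)', body).group(1)
        if ztype in ("master", "primary"):
            allowed = address_list(body, "allow-transfer")
            extra = (allowed or set()) - set(secondary_ips)
            if allowed is None:
                findings.append((name, "allow-transfer not set explicitly"))
            elif extra:
                findings.append((name, "transfers allowed to: " + ", ".join(sorted(extra))))
        elif ztype in ("slave", "secondary"):
            sources = address_list(body, "masters", "primaries") or set()
            if sources != {primary_ip}:
                findings.append((name, "zone data accepted from: " + ", ".join(sorted(sources))))
    return findings

if __name__ == "__main__":
    for zone, problem in audit(SAMPLE_CONF, "192.0.2.1", ["192.0.2.2", "192.0.2.3"]):
        print(zone, "->", problem)
```

A zone with no explicit `allow-transfer` is reported because its behaviour then depends on the server's default, which the configuration file alone does not show.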
You are reading the blog of Moonshi Mohsenruddin, a Singapore citizen and evangelist of Information Technology and how IT can be leveraged to solve real-world problems. I am a Problem Solver, a Systems Guy who believes in Sharing thru Giving, Learning by Doing and applying knowledge towards creating Economic Freedom.