How do I secure a Microsoft DNS Server?
Answered Sun, 10 Mar 2002
> I'm creating a new DNS that will replace the old server for our company and it will
> be behind the firewall. I need to find out how to harden the DNS server prior to
> putting it online. Can you point me to some articles so I can secure the server.
Unfortunately, there's not a great deal you can do to harden a Microsoft
DNS Server. If the name server doesn't receive any legitimate recursive
queries (i.e., there are no authorized resolvers querying it, or nameservers
using it as a forwarder), you can disable recursion with a Registry setting.
You can also restrict zone transfers to authorized slave name servers. But
that's about it.
cricket
