Article ID: 3414, created on Nov 30, 2007, last review on May 11, 2014

  • Applies to:
  • H-Sphere


This means that your DNS servers are open as well as the million others in the world. There is nothing strange and very bad in this but somebody can use them to resolve IPs and hostnames fluently. You can close your nameservers from external resolving of non-native zones if you want. To fix the issue with "Open DNS servers" you can include allow-recursion directive to options {} section in /etc/named.conf on each nameserver. For example, allow-recursion { list of your local subnets; }; Do not forget to restart named. After that, only local machines will be able to resolve external hosts which will do your nameserver not open for the world.

f213b9fa8759d57bee5d547445806fe7 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF