security BIND

Michael Hoskins (michoski) michoski at
Mon Aug 6 02:32:06 UTC 2012

-----Original Message-----

From: Carsten Strotmann <cas at>
Date: Saturday, August 4, 2012 8:37 AM
To: Alberto Rasillo <bluesnatural at>
Cc: "bind-users at" <bind-users at>
Subject: Re: security BIND

>On Sat, 4 Aug 2012, Alberto Rasillo wrote:
>> Hi what are recomendations regarding security and DNS service?Thnks
>it is difficult (impossible?) to answer such a generic question.
>Generic security advice for a DNS service:
>* read your DNS servers documentation carefully
>* understand every bit of your configuration
>* don't use configuration settings you don't fully understand
>* understand hos DNS works (read a good book or visit a good DNS training)
>* run recent software (not old software that has know security issues)
>* monitor your DNS server (DNS server logfiles, DNS traffic-patterns)
>* don't run an 'open resolver'

Agreed, there's no one answer but a collection of advice.  You'll need to
do some research, and keep abreast of trends by joining lists like this
one and others like dns-operations and bugtraq.

Good luck!

More information about the bind-users mailing list