Open DNS Resolvers & Open Portmappers

This article explains what an open DNS resolver is, how to use DNS resolvers, and how to fix issues.

DNS (Domain Name System) lets us use domain names in place of numeric IP addresses. This makes website addresses easy to remember, and it works somewhat like the phone book on your smartphone, where every number is stored under a name.

A Fully Qualified Domain Name (FQDN) is the complete, correctly designed name for a domain, including a hostname and a domain name.

Let’s say we’re trying to reach the Heficed mail servers, which are hypothetically located at mail.heficed.com:

  • Hostname – mail
  • Domain name – heficed.com
  • Query – mail.heficed.com

How to fix Open DNS Resolvers

The simplest way to protect your system from being abused is to limit the addresses your server will perform recursive lookups for to your local subnets. The specifics of the process, of course, depend on which DNS server you’re using.

Follow these instructions to block external DNS requests using a firewall, such as the built-in Windows firewall.

  1. Navigate to Firewall > Rules.
  2. Create the block rule as the first rule.
  3. Create the pass rule to allow DNS to the firewall, above the block rule.
  4. Apply the changes to reload the ruleset.

How to disable recursion

Windows

  1. Open DNS Manager.
  2. In the console tree, right-click the applicable DNS server and click Properties.
  3. Click the Advanced tab.
  4. In Server options, select Disable recursion and then click OK.

Linux/Ubuntu/Debian

On Debian/Ubuntu-based Linux systems, use the following command via the Terminal to remove the portmapper service:

# apt-get remove rpcbind

BIND 9.X DNS Servers

Add the following lines to the options section of /etc/bind/named.conf.options.

allow-transfer {"none";};
allow-recursion {"none";};
recursion no;

CentOS

  1. Log in to your server using your root credentials.
  2. Locate named.conf.
  3. Change recursion yes; to recursion no;.
