Recursive DNS and associated risks?
-
eitconsulting
- Posts: 4
- Joined: 07 Sep 2016 06:13
Recursive DNS and associated risks?
I've reviewed several sites from Google, Go Daddy and Microsoft and each mention the risks associated with Recursive DNS. In regards to the initial EFA virtual machine DNS configuration, does the EFA VM have a pre-emptive means configured to grapple with DoS attacks, DNS Cache poisoning, Unauthorized use of resources, and degradation in service for legitimate queries from queries using RFC1918 addressing?
Re: Recursive DNS and associated risks?
well... unless EFA DoS, or poisons its own cache...
[root@rpl-emx01 ~]# netstat -tln|grep :53
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
IPtables comes preconfigured to not allow anything but SSH, HTTP/S, Webmin, and SMTP. DNS doesnt service anything but EFA's only mail transport activities.
[root@rpl-emx01 ~]# netstat -tln|grep :53
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
IPtables comes preconfigured to not allow anything but SSH, HTTP/S, Webmin, and SMTP. DNS doesnt service anything but EFA's only mail transport activities.