Web Hosting Resources, Forum, FAQ, Directory
Login
Username:

Password:


Lost Password?

Register now!
Main Menu
Search

Advanced Search
Hosting Article :: Dedicated Linux

What risks are associated with recursive DNS queries?

Submitter: Jane83 Date: 2008/2/28 22:49 Views: 2



There are two types of DNS queries: iterative and recursive.

NOTE: We do not allow recursive DNS to run on dedicated or virtual dedicated servers unless it runs locally and for a specific IP range. If we find your server running an improper configuration of recursive DNS, we will exercise our right to suspend your account. The account will remain suspended until arrangements are made to turn off recursive DNS.

Iterative
Iterative DNS queries are ones in which a DNS server is queried and returns an answer without querying other DNS servers, even if it cannot provide a definitive answer. Iterative queries are also called non-recursive queries.
Recursive
Recursive DNS queries occur when a DNS client requests information from a DNS server that is set to query subsequent DNS servers until a definitive answer is returned to the client. The queries made to subsequent DNS servers from the first DNS server are iterative queries.

Recursive DNS query risks

A DNS server that supports recursive resolution is vulnerable to DOS (denial of service) attacks, DNS cache poisoning, unauthorized use of resources, and root name server performance degradation.

DOS attacks
Servers supporting recursive DNS queries are vulnerable to phony requests that flood a particular IP address with the results of each server's query. This can overwhelm the IP address with a volume of traffic too large to be processed.
DNS cache poisoning
Cache poisoning results from someone tricking a DNS server into believing that a fake DNS query response is authentic. Because responses are normally cached, this false information can be distributed to users of that server.
Unauthorized use of resources
With recursive DNS queries enabled, a server is more easily hijacked and its performance compromised.
Root name server performance degradation
When DNS servers are not configured correctly, queries using RFC1918 addressing (also known as "private" addressing) may be leaked to the root name servers, causing a degradation in service for legitimate queries to those servers.

Disabling recursive DNS

For information on disabling recursive DNS, see the following:

<< How do I access my Linux dedicated server using SSH? How do I disable recursive DNS queries on my Linux dedicated/virtual dedicated ser... >>
Trackback
  • URL: http://www.powerhoster.com/domainhosting/modules/article/view.article.php/c10/1362
  • Trackback: http://www.powerhoster.com/domainhosting/modules/article/trackback.php/1362
Rate
10987654321
API: Toolkit PM Email PDF Bookmark Print | RSS | RDF | ATOM
Copyright© Jane83 & Powerhoster.com
The comments are owned by the poster. We aren't responsible for their content.

 Re: ClimateScape and FireScape

Posted: 2011/12/6 14:54  Updated: 2011/12/6 14:54

beaujon


Joined: 2011/12/1
From:
Posts: 65353
Winter inevitably means thick in the thick coat. Choose a pair of Ugg Boots Sale Uk that will keep warm and also light ugg boots discount , then Ugg Boots Sale USA need to be advisable choice. uggs We may really familiar with the actual Ugg Boots Sale USA , we know its actual is suitable for each winter and summer. You will find Ugg Boots Sale USA for males, girls and young children. We are avaible in a lot of different colors, distinct designs and various sizes. Gray and white sweater, has the taste of ripe. Many people are fall in really like with Ugg Boots Sale Uk . Over the past few years, Ugg Boots Sale Uk has become a kind of fashion. causal boots Low cost Ugg Boots Sale USA here for you. free shipping free shipping cheap uggs
© 2001-2007 Power Hoster