Announcement

Collapse
No announcement yet.

How to Secure DNS and Domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to Secure DNS and Domain

    Hi All,
    I have an issue that I would like help from anyone. I have a Win2003 server that is my DNS,DC and my Exchange server. My internal domain(x.com) name is the same as my external domain(x.com) name and from what I have heard its not safe to have it like that. I need to know how to secure my DNS and domain.

    Secondly how can I change my domain/dns name to x.local without losing data or should I say in the safest way possible.

  • #2
    Re: How to Secure DNS and Domain

    The first question is do you host the DNS records for your external domain name? If not then the only thing you really need to do is to make sure that you don't allow any inbound DNS traffic though your firewall. For specifics on securing MS DNS see the article at the following link.

    http://technet2.microsoft.com/window....mspx?mfr=true

    As for renaming the domain, you can get more info from the link below. Also, my recommendation would be to use "domain.internal" as your internal domain name as the ZeroConf protocol uses the ".local" namespace and renaming to "domain.local" may cause problems in the future with ZeroConf devices. In Windows, the Wireless Configuration service uses the ZeroConf protocol.

    http://technet.microsoft.com/en-us/w.../bb405948.aspx

    Comment


    • #3
      Re: How to Secure DNS and Domain

      Thanks very much Joeqwerty for your help. I have visited the links and I have learnt alot.

      You had asked if I host DNS records for my external domain and the answer is no, My DNS server has internal dns records only. I have a website but I dont host it in my internal server(its hosted by my ISP) and I had problems accessing it internally so what I did was to create an A and Alias record pointing to my external IP and it now works - is that the best way to do it?

      Now that you have an idea of how my DNS is setup, do you still advice me to change my internal domain/dns name. The reason I feel I need to change is that I hear it is not safe to have your internal domain name same as your external domain name.

      I am new in this domain/dns issues so kindly advice me appropriately
      Kenbat

      Comment


      • #4
        Re: How to Secure DNS and Domain

        If it were me I would leave it alone. If there are no external hosts querying your internal DNS server (because you don't host the DNS for your public doman namespace) and if you don't allow incoming DNS traffic through your firewall (you shouldn't allow it as it's not needed) then I personally would not take on the challenge of renaming the internal domain.

        As far as the web site is concerned, if it is hosted on a server at your ISP then I would think that whoever hosts your public DNS records should have a A or CNAME record for the web server. You shouldn't need to have a A or CNAME record internally to resolve the web site.

        Comment


        • #5
          Re: How to Secure DNS and Domain

          Thanks very much once again Joeqwerty for inputs.

          I think I will leave it the way it is.

          Your help was much appreciated.


          Kenbat

          Comment

          Working...
          X