O'Reilly logo

Microsoft® Windows® Security Resource Kit, Second Edition by The Microsoft Security Team, Brian Komar, Ben Smith

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing DNS Servers

When planning the security of DNS servers, you should prepare for attacks against both DNS clients and DNS servers. Either type of attack can lead to clients being directed to unauthorized DNS servers or referenced to incorrect servers by fraudulent DNS resource records. By implementing the following security measures, you can reduce the probability of a successful attack against your DNS servers. These measures increase the security of your DNS servers and lessen the chances of a successful attack:

  • Implementing Active Directory–integrated zones

  • Implementing separate internal and external DNS name servers

  • Restricting zone transfers

  • Implementing IP Security (IPSec) between DNS clients and DNS servers

  • Restricting DNS traffic at ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required