Stop unauthorized DNS zone transfers in Windows NT

by TechRepublic Staff in Developer

on July 13, 2005, 7:54 AM PDT

Stop unauthorized DNS zone transfers in Windows NT

Allowing unauthorized DNS zone transfers in Windows NT can leave your network vulnerable to malicious attacks. To lock down your network, it's better to configure your DNS server to accept zone transfer requests only from selected IP addresses. Find out how in this Windows NT tip.

If you don’t specifically configure a DNS server to only
accept zone transfer requests from designated sources, anyone on the Internet
with the proper tools can transfer a complete copy of your DNS zone database to
his or her system.

Malicious users typically accomplish this using the NSLOOKUP
utility and the ls -d command. In
addition, a hacker could possibly configure a DNS server to act as a secondary
name server for the zone and transfer the database in that fashion.

To lock down your network, it’s a best practice to configure
your DNS server to accept zone transfer requests only from selected IP
addresses.

Follow these steps:

Open
the DNS Manager by going to Start | Programs | Administrative Tools | DNS
Manager.
Open
the DNS server that hosts the zone.
Right-click
the zone, and select Properties.
On the
Notify tab, add the IP addresses for any systems that you want to allow to
perform zone transfers in the Notify List.
Select
the Only Allow Access From Secondaries Included On The Notify List check
box, and click OK.

The DNS server will now reject zone transfer requests from
any sources other than those listed. You can add IP addresses to this list even
if they’re not for Microsoft DNS servers without causing errors.

By TechRepublic Staff

Account Information

Contact TechRepublic Staff

Your message has been sent
|
See all of TechRepublic's content

Editor's Picks

Image: Rawpixel/Adobe Stock

TechRepublic Premium
TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

TechRepublic Staff
Published: March 14, 2023, 9:10 AM EDT Modified: March 15, 2023, 9:16 AM EDT Read More See more TechRepublic Premium
Image: Blue Planet Studio/Adobe Stock

Payroll
The Best Human Resources Payroll Software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

Ali Azhar
Published: February 28, 2023, 11:11 AM EST Modified: March 20, 2023, 4:45 PM EDT Read More See more Payroll
Image: Microsoft.

Software
Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

Mary Branscombe
Published: February 28, 2023, 2:59 PM EST Modified: February 28, 2023, 2:59 PM EST Read More See more Software
Image: tanatat/Adobe Stock

CXO
Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Owen Hughes
Published: March 3, 2023, 3:12 PM EST Modified: March 16, 2023, 12:56 PM EDT Read More See more CXO
Image: Nuthawut/Adobe Stock

Software
The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

Brenna Miles
Published: December 27, 2022, 11:45 AM EST Modified: March 16, 2023, 2:25 PM EDT Read More See more Software
Image: Song_about_summer/Adobe Stock

Security
1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

Karl Greenberg
Published: March 2, 2023, 3:44 PM EST Modified: March 7, 2023, 4:10 PM EST Read More See more Security

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for employee performance reviews, which will clearly document accomplishments and areas of opportunity via an encouraging and thought-provoking analysis. This will assist in determining the next steps for employees as well as their future at the organization. This policy can be customized ...

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for requesting, filing and permitting paid/unpaid time off as well as to ensure coverage during holidays, vacation(s) and other absences where staffing levels must be consistent to meet the needs of the business. From the policy: TIME OFF GUIDELINES All time off ...

PURPOSE This policy describes the organization’s employee privacy guidelines and outlines employee privacy expectations. From the policy: POLICY DETAILS The organization’s IT equipment, services and systems are intended for business use only. However, the organization acknowledges that staff, consultants and volunteers occasionally require opportunities to make or receive personal phone calls, access personal email, utilize ...

Stop unauthorized DNS zone transfers in Windows NT

Stop unauthorized DNS zone transfers in Windows NT

Editor's Picks

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

The Best Human Resources Payroll Software of 2023

Windows 11 update brings Bing Chat into the taskbar

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

The 10 best agile project management software for 2023

1Password is looking to a password-free future. Here’s why

Employee performance review policy

Employee time off policy

Employee privacy policy

Security response policy

Account Information

Stop unauthorized DNS zone transfers in Windows NT

Daily Tech Insider Newsletter

Account Information

Share with Your Friends

Account Information

Contact TechRepublic Staff

Editor's Picks

Daily Tech Insider Newsletter