Securing DNS.

Can anyone tell me what's the best way to lock down DNS so that it
doesn't send out root hints ?

Just moved our DNS and now it's responding to such queries.

Is this something I can do with a query filter ?!



6/3/2009 11:06:02 AM
novell.netware.dns-dhcp 3183 articles. 0 followers. Follow

2 Replies

Similar Articles

[PageSpeed] 35
Get it on Google Play
Get it on Apple App Store


It appears that in the past few days you have not received a response to your 
posting.  That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:
- Visit and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the 
correct newsgroup. (

Be sure to read the forum FAQ about what to expect in the way of responses:

If this is a reply to a duplicate posting, please ignore and accept our apologies 
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team

6/9/2009 6:25:58 PM
neiljt1 wrote:

> root hints

Please define above 

Tommy Mikkelsen
IT Quality A/S, Denmark
Novell Support Forums SYSOP

Sorry, but no support through email
Be a GroupWiseR, go
6/10/2009 1:09:10 AM

Similar Artilces:

move a netware 6.0 dns and dhcp server to a netware 6.5 dns and dhcp server
would appreciate if someone can step me through how to achieve above. I have checked all Novell tid and discussion forum and could not find steps referring to moving both dns and dhcp servers from a netware 6.0 sp4 server and to netware 6.5 sp4 server. Wai Chu In article <a4k8g.4419$>, Wai Meng CHU wrote: > could not find steps > referring to moving both dns and dhcp servers from a netware 6.0 sp4 server > and to netware 6.5 sp4 server. > That's because it's the same as long as you're moving from NW 5.0 ...

DNS? What DNS?
This has never happened before and in light light of this morning's news about the DDOS I was wondering if it is just my machine or if something else is going on. Background: A firewall on one of my machines blocked IE from getting to the net. I wanted to trace where it was planning to go to ( figure out if this was just XP again or something else. I tried Neo Trace and PC Helps "Net Tracer" but neither can track it. All I get is "undetermined" or "timed out" Robin In article <>, omeru...

Hi We are running 2 BM (3.8) Proxies and until today they have been operating reasonably well. Today we have started getting a lot of 504 errors on workstations using either both servers, looking at the proxy DNS page (on both servers) the DNS links are continually going up and down (like our internet) We have 3 DNS servers entered 2 external and 1 internal. I have tested from outside the BM Servers $and know the 2 external DNS servers are working fine (also no one else who use our provider have an issue). The internal DNS also seems fime. We have not made any changes to th...

How to Put new DNS in DNS/DHCP Server configure atNovell Netware 5 for Small Business
We have a Netware 5 for Small Business. Our ISP provides a new DNS search order. I made this change in sys:\etc\resolv.cfg file. Do I also need to make the change to DNS/DHCP Server at the Novell Server? If I do, what is the procedure to make this change? Are there other place I need to change also? Thanks! Q.Z You're best ask in the DNS newsgroup -- but why does your ISP provides a search order if you have your own DNS? -- Peter eDirectory Rules! ...

DHCP Questions ... Primary DNS Suffix and Bug in DHCP/DNS Utility
I have been reconfiguring our Novell 5.1 SP4 DHCP/DNS server to pass NDS Server, Tree, and Context information through DHCP. I would like to specify the Primary Domain suffix for Windows 2000 workstations. Currently, we manually enter a suffix domain name under the TCP/IP properties, but IT staff sometime forget to perform this step. Any help would be appreciated. Also, the DHCP/DNS Utility appears to have a display bug. The Directory Agent (Code 78) has been specified in my DHCP settings, but no value is displayed unless I click on the Modify button. We are running ...

DNS security patch
Hi, running NW65SP7. I see since Aug 8th (TID#5032400) the security patch for the popular DNS issues has now been posted. What I'm wondering about is it necessary to post this to your server if your DNS is only used for internal queries? That is the DNS cannot be queried from outside the firewall? If not needed when an internal DNS only, then I won't bother installing and risking my environment, since there's no other fix mentioned in the release. Cheers James Jjb, > That is the DNS cannot be queried from outside the > firewall? Do you trust t...

GlobalNames DNS zone and NetWare DNS servers
We have a mix of NetWare 6.5 and Windows Server 2008 DNS servers. There is a forwarding zone in Novell that points to the Windows DNS servers for the DNS zone Most workstations are configured for the DNS zone named xyz, so when they attempt to resolve a host name, they append xyz (i.e. Novell is primary for the xyz zone, and the workstations point to Novell, so it resolves properly. A few workstations are domain-joined, so they append (the AD domain name), turning webserver into They also point to NetWare DNS, wh...

Netware DNS compatibility with other secondary DNS servers
I have a problem where the primary DNS information for a domain is on a Netware 6 server. The secondary is hosted by an ISP. When I look at the SOA information on the ISP, the serial number is always 0, the refresh is always the number that the matches the serial, the retry is the refresh number and so forth. Has anybody seen this? I've done this type of thing a couple times in the past and have searched here and other places and can't seem to find that anybody else has seen this....anybody have any ideas? Just wondering, why is an ISP hosting your secon...

Netware to OES2 DNS/DHCP
I'm about to migrate my two dns/dhcp servers from Netware 6.5.8 to OES2 Linux 64bit machines. I have two questions about the process. 1. I've not migrated a Netware host to a OES2 host yet. I understand it's possible to do an ID tranfser to the OES2 box to keep the servername, ID etc Is this correct? 2. and more appropriate for this forum, DNS/DHCP. Can I run DNS/DHCP on both Netware and OES2 while I upgrade both machines, I will I need to have only one server running these services during the upgrade process? I'll need a couple of days to complete the above...

Defending your DNS: best practices for reliable DNS and DHCP
Well-publicized attacks against Domain Name System (DNS) root servers and top-level domains highlight the vulnerability of the DNS infrastructure. Many CIOs are looking for ways to ensure secure, reliable network services. We've identified design principles and best practices for resilient, reliable Dynamic Host Configuration Protocol (DHCP) and DNS services. DNS is the protocol and global network of servers that translate host names into Internet Protocol addresses. Before taking action, prioritize the risks to your network and identify the potential threats you may face. [ Rea...

We have had DHCP running on NetWare for some time, with no local DNS service. The DHCP option 6 is set to a BorderManager DNS proxy. I just set up a SLES 11 server with named, and it will resolve our local static IP addresses and forward to OpenDNS. I am using it now, and it seems to be working correctly. Next step, can I set the NetWare DHCP server to update the SLES DNS server, or would I be better off setting up DHCP on the SLES server? My main concerns are transitioning to the SLES server without disruption, and getting Option 60 for ZFD PXE boot set up correctly. ...

Dns/DHCP Netware upgrade
Hi, We have two 5.1sp6 servers running DNS and DHCP services. We want to move these 2 services to two new servers running Netware 6.5sp1a. What is the best way to do this? Is there something special to do, take care? Thank you --____LPHMXLZMXOMRLFKSEJCW____ Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable If they are in the same tree, then you really don't have to worry about = much at all (create the new server objects, make sure that any routers = doing BOOTP forwarding are setup for the new servers, then move the = s...

Windows DHCP
Hi All, We replaced some NW servers running DHCP with server 2003 boxes runnning DHCP. We configured them the same as far as address ranges, dns server addresses, etc. The problem is that the workstations which get addresses from the Server 2003 boxes will NOT register their PTR or A records on our Netware 6.5 SP5 DNS box. Is this a hopeless cause or is there some way to make this work? John Morgan -- Jmorg ------------------------------------------------------------------------ In article <>, Jmorg wrote: > The pro...

Netware DHCP to SunOne DNS
Currently we are using Netware for DHCP. Our goal is to start leveraging our DHCP setup to start registering and updating our existing DNS Servers running Sun's DNS. What is the best way to go about getting this going and is it necessary to also run Netware's DNS as an in between for this setup? Thanks In article <5olcg.958$>, Ted wrote: > What is the best way to go about getting this going and is it necessary > to also run Netware's DNS as an in between for this setup? > Yes, Novell's DHCP server can only upd...

DNS SECURITY ALGORITHM NUMBERS DNS KEY and SIG RRs [RFC2535] use an 8-bit number used to identify the security algorithm being used: Number DescriptionReference --------- ------------------------------ --------- 0 Reserved 1 RSA/MD5 [RFC2537,RFC1321] deprecated, see 5 2 Diffie-Hellman [RFC2539] 3 DSA/SHA1 [RFC2536,DSA,SHA-1] 4 Reserved for Elliptic Curve Crypto 5 RSA/SHA-1 [RFC3110] 6 - 251 Reserved by the IANA 252 ...

Web resources about - Securing DNS. - novell.netware.dns-dhcp

Securing Email Communications from Facebook
It's very important to us that the people who use Facebook feel safe and can trust that their connection to Facebook is secure; for instance ...

Securing Graph API Calls - Facebook-Entwickler
Graph API calls can be made from clients or from your server on behalf of clients. Calls from a server can be better secured by adding a parameter ...

Securing your Twitter experience with HTTPS - Twitter Blogs
... makes your Twitter experience more secure by protecting your information, and it’s especiall... Skip to main content Sign in Search Securing ...

Securing the landing zone - Flickr - Photo Sharing!
U.S. Army 1st Sgt. Gerald Eagan, with the 6th Engineer Battalion, throws his rucksack in front of him while pulling security on a remote mountain ...

Slamming Boss Against Wall, Shouting ‘I Need More Cash!’ Still Leading Tactic For Securing Raise - YouTube ...
Subscribe to The Onion on YouTube: Calling it the most effective method for reaching one’s full earning potential, a report ...

AFC president calls for more on-pitch success from Asian nations after securing a new term - The National ...
The Asian Football Confederation (AFC) is more united than it has been before but its teams must do better on the field, Shaikh Salman Bin Ebrahim ...

IN PICTURES: Securing the journey to the Cloud roundtable - Slideshow - ARN
... to discuss the journey towards the cloud. ARN in conjunction with itX, Trend Micro and VMware hosted the exclusive discussion on the securing ...

Veterans' families serve by securing the base in wartime
There are no memorials to the families of soldiers. There should be.

Securing the network beyond passwords - consumerization of IT, BYOD, MDM, Networking, security, wireless ...
Passwords have been a weakness of network security since the development of computer networks. Through guessing weak passwords, exploiting weak ...

Resources last updated: 12/11/2015 9:52:48 AM