Dear customer,
We received a complaint regarding an IP assigned to you. Please see the complaint at the bottom of this e-mail. We urge you to take appropriate action to prevent future complaints.
LeaseWeb Security Response Team (LSRT)
***** ADDITIONAL INFORMATION BY LSRT *****
******************************************
****************************************** ORIGINAL COMPLAINT BELOW ******************************************
Dear sir, madam,
LeaseWeb has been notified that the server you are running within LeaseWebs network with the IP: [See list in the bottom] is running an open DNS server. Even though this is not an illegal practice, it is not recommended as malicious individuals can abuse it to perform Ddos attacks which can generate a lot of traffic which can lead to a bandwidth surcharge and abuse complaints. Therefore LeaseWeb urges her customers to change these settings .
Configuring OpenDNS on routers and modems ensures that all computers and devices that connect to that router or modem use OpenDNS and the subsequent Web content filtering and security settings. This is recommended as the best-practice configuration to use for networks that do not have an internal DNS server.
Please note that if you choose to leave the settings as they are, and abuse is generated, you will receive a notification warning, which can lead to a block of all involved IP addresses and/or servers. If you have any questions, do not hesitate to contact us.
If you run bind please add / change the following in named.conf or named.conf.options These files should be located in /etc/bind/
-------- // Disable recursion for the DNS service // options ; --------
If you do require recursive queries from certain source addresses please add the IP addresses in the allow-query area of the same named.conf or named.conf.options files.
-------- // Permit DNS queries for DNS messages with source addresses // in the 192.168.1.0/24 netblock. The 'allow-query-cache' // options configuration can also be used to limit the IP // addresses permitted to obtain answers from the cache of // the DNS server. Substitute with your own network range. // options ; }; --------
If you are running a windows DNS server you can disable recursion on the DNS server using the Windows interface
1. Open DNS Manager.
2. In the console tree, right-click the applicable DNS server, then click Properties.
Where?
DNS/applicable DNS server
3. Click the Advanced tab.
4. In Server options, select the Disable recursion check box, and then click OK.
Additional considerations
- To open DNS Manager, click Start, point to Administrative Tools, and then click DNS.
- If you disable recursion on the DNS server, you will not be able to use forwarders on the same server.
To disable recursion on the DNS server using a command line 1. Open a command prompt.
2. Type the following command, and then press ENTER:
dnscmd <ServerName> /Config /NoRecursion (1|0)
Parameter Description
dnscmd
Specifies the name of the command-line tool for managing DNS servers.
<ServerName>
Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.).
/Config
Required. Specifies that the command configures the specified server.
/NoRecursion Required. Disables recursion.
(1|0) Required. To disable recursion, type 1 (off). To enable recursion, type 0 (on). By default, recursion is enabled.
Once you've changed the configuration please reply to this ticket.
If you run other DNS software and cannot find how to disable recursive queries please let us know via this ticket.
