How to hide result from dig @MyDnsServer my.domain ns

H

HappyPotter

Verified User
Joined
Aug 3, 2020
Messages
6
For security, I dont want people to guess my server location.

Is it possible to hide the result if hacker queries directly using the correct nameserver?

Bash: 
dig @MyDnsServer my.domain ns

Bash: 
;; AUTHORITY SECTION:
my.domain.        3600    IN    NS    ns.MyDnsServer
my.domain.        3600    IN    NS    ns.MyDnsServer

I tried and can delete A/TXT/MX records, but directadmin tells me I have to keep at least one nameserver.

The real NS of my.domain is on cloudflare. www & @ are pointed using A records with read IP.

Is it possible to achieve this? or is there any way I can somehow block from query on specific domain?

Thank you.
 
If there NS record in your DA panel - it didn't mean it visible from outside - till you configure it from domain registrar. Also you can totally shutdown named/bind service. Also close 53 port in firewall, or all ports except http/https and ssh - if you don't need them.
 
Zhenyapan said:
If there NS record in your DA panel - it didn't mean it visible from outside - till you configure it from domain registrar. Also you can totally shutdown named/bind service. Also close 53 port in firewall, or all ports except http/https and ssh - if you don't need them.
Click to expand...
Thanks for your suggestions.

A bit trouble is that, some other domains on my DA are pointing the same nameserver. Thats why I cant directly close named/bind/port 53.

Is it possible if I manually modify `/etc/named.conf` or `/var/named/my.domain.db`? If I do not change settings in DA web pannel, will these 2 files be overwritten automatically?

Thanks!!
 
I found the solution.

by adding `allow-query { none; };` in `/etc/named.conf`
Code: 
zone "my.domain" { type master; file "/var/named/my.domain.db"; allow-query { none; }; };
 
You must log in or register to reply here.
Back
Top