Options dialog - DNS - Lame Requests
(Main window -> Options button -> DNS / Lame Requests section)
Copyright © 1999-2013 JH Software ApS
Options dialog - DNS - Lame Requests |
Simple DNS Plus v. 5.2 Copyright © 1999-2013 JH Software ApS |
|
| • | When receiving lame DNS requests |
Select one of the following options to specify how/if Simple DNS Plus should respond to lame DNS requests:
| • | Respond with a "Refused" error message (default) Using this option, you inform the server/client sending the request that you will not perform any recursion for them or provide any data for the requested domain name. |
| • | Do not respond (stealth DNS) Using this option, simple port scanning will not reveal that you are running a DNS server. This may make you a less interesting target for hackers. |
| • | Respond with a referral to Internet root DNS servers |
This option is available only because some DNS test tools, including some used by major domain name registrars, expect to see a root referral in response to requests for dummy/random domain names.
Unless needed for such tests, we do we do not recommend using this option because it might be abused for DNS amplification attacks.
| • | Respond with synthesized DNS records |
Using this option, you can redirect the client to a sign up page, or to a page informing the client that he is using a wrong DNS server.
Background:
A "Lame DNS Requests" is a DNS request sent to a DNS server which is not configured with the requested domain name (local zones or otherwise) and not configured to perform recursion for the IP address sending the DNS request.