This post explains how to restrict automatic NS resource record registration in Windows Server DNS using
Dnscmd. This prevents Windows Server DNS to automatically create NS records for zones that it hosts on the server.
Here’s a blacklist check script written in PowerShell. You can use this to lookup an IP address in various blacklists (DNSBL, RBL). Such a check is a great indicator for an IP address’ reputation. Basically this PowerShell blacklist checker is a port of my Bash script to check an IP address blacklist status in Linux.Continue reading
How to add DNS servers – or resolvers – to a Windows Server network adapter, or interface using WMI and the
netsh command. This one is quite old but may come in handy sometimes. In this example we use Google’s Public DNS server addresses and localhost to add as DNS Servers on our server.
Close your open resolvers now! Open Recursive Resolvers pose a significant threat to the global network infrastructure. They are utilized in DNS Amplification attacks and pose a similar threat as those from Smurf attacks commonly seen in the late 1990’s. What can I do?
Here is a Linux Bash shell script to check whether an IP address is listed in a DNSBL blacklist, or RBL. This is a modified version of a by J65nko posted Bash script to check an IP address reputation status in several blacklists. I’ve added HttpBl as backlist and an API key is required for this list. Using this script in Bash you can quickly test if an IP address is blacklisted.