Skip to content

Nameservers security controls

Control : NAME-4028

DNS resolving is part of the network functionality of systems. Properly configured network settings are needed for providing business services.Unix based systems are usually part of a domain. This domain name is the DNS domain name of the company. Lynis tries to determine what domain name this is, by checking several configuration files. In case this control shows up, Lynis was unable to discover it properly. This might indicate a misconfiguration of the server, or an alternative configuration set-up being used. Check the system and network configuration for the possible cause.

Control : NAME-4206

Test the configuration of bind configuration for errors or warnings.

Control : NAME-4210

The name or version of software should generally be hidden to external users of the software. In case of Bind, there is no clear benefit of revealing the version. To limit the risk of information leakage to malicious people or scripts, hide the Bind version.