Why is there a DNS server running on Ubuntu on AWS by default? | by Teri Radichel | Cloud Security | December 2023


Here’s how to disable it if you don’t need it and go back to resolv.conf – take 2

Medium performed so poorly today that I had to delete and re-add my previous post when I wanted to update and fix things.

I hope they can sort this out. In the meantime, here is the updated post.

One of my stories about DNS Security And Ubuntu

It’s not really a good idea to run a DNS server on your VM unless you really need it.

I leave the research of these topics as an exercise for the reader:

  • DNS rebinding
  • DNS exfiltration
  • DNS tunneling
  • DNS amplification
  • Past vulnerabilities in DNS servers

The list goes on.

I was surprised to get this error when setting up Burp Collaborator. What? Am I running a DNS server? Mind you, I mainly used Windows before this, along with some Debian, CentOS, Red Hat and of course Amazon Linux. I’m a little newer to Ubuntu, so I am still working out all the details and plan to write more as I go.

I didn’t expect to have to disable a DNS server running by default. Can you imagine a DNS server running by default on all existing Windows machines? For those who understand the implications – a nightmare.

Also – I say default because I didn’t install it. The only things I think I installed on this instance were:

I also installed the Let’s Encrypt HTTP validation tool on one server (which I don’t like and don’t recommend) but not on the two servers that have this default systemd DNS server running. I’ve heard a lot of people complain about systemd. Is that why? Or something else? I don’t know but I don’t like it.
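A quick check for the situation described above, as an added example that is not from the original post: it lists sockets listening on port 53 and reports whether each is loopback-only or reachable from the network. It assumes the "systemd DNS server" is the systemd-resolved stub listener (typically 127.0.0.53); the function names and sample `ss` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Constructed sample of `ss -H -lntu` output from a stock Ubuntu instance.
SAMPLE_SS='udp UNCONN 0 0    127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
udp UNCONN 0 0    0.0.0.0:5353     0.0.0.0:*'

# Read `ss -H -lntu` lines on stdin; print "proto address" for port 53 only.
dns_listeners() {
    awk '{
        n = split($5, parts, ":")      # port is the text after the last colon
        if (parts[n] == "53")
            print $1, substr($5, 1, length($5) - 3)
    }'
}

# Loopback-only listeners cannot be reached from other hosts; others can.
listener_scope() {
    case "$1" in
        127.*|"[::1]"*) echo loopback ;;
        *)              echo exposed ;;
    esac
}

# Succeed if the resolv.conf at $1 sends queries to a loopback resolver.
resolv_uses_local_stub() {
    grep -Eq '^[[:space:]]*nameserver[[:space:]]+(127\.|::1)' "$1"
}

# $1 = resolv.conf path, ss output on stdin.
audit_dns() {
    dns_listeners | while read -r proto addr; do
        echo "port 53 listener: $proto $addr ($(listener_scope "$addr"))"
    done
    if resolv_uses_local_stub "$1"; then
        echo "$1 points at a loopback resolver"
    fi
}

# Live use on the instance: sh this_script.sh --live
if [ "${1:-}" = "--live" ]; then
    ss -H -lntu | audit_dns /etc/resolv.conf
fi
```

An `exposed` result on port 53 is the case to investigate first. If the only listener is the loopback stub and it is not needed, `DNSStubListener=no` in `/etc/systemd/resolved.conf` turns it off.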

This is the error that led me to this discovery.
