Medium performed so poorly today that I had to delete and re-add my previous post when I wanted to update and fix things.
I hope this can understand this. In the meantime, here is the updated message.
One of my stories about DNS Security And Ubuntu
It’s not really a good idea to run a DNS server on your VM unless you really need it.
I leave the research of these topics as an exercise for the reader:
- DNS binding
- DNS exfiltration
- DNS Tunneling
- DNS boost
- Past vulnerabilities on DNS servers
The list goes on.
I was surprised to get this error when setting up Burp Collaborator. What? Do I use a DNS server? Mind you, I mainly used Windows before this and some Debian as well as Centos, RedHat and of course Amazon Linux. I’m a little newer to Ubuntu, so I understand all the details and plan to write more as I go.
I didn’t expect to have to disable a DNS server running by default. Can you imagine a DNS server running by default on all existing Windows machines? For those who understand the implications – a nightmare.
Also – I say default because I don’t have it installed. The only things I think I installed on this instance were:
I also installed the Let’s Encrypt HTTP validation tool on one server (which I don’t like and don’t recommend) but not on the two servers that have this default systemd DNS server running. I’ve heard a lot of people complain about systemd. Is that why? Or something else? I don’t know but I don’t like it.
This is the mistake that led me to this discovery.