DNS question

[Kimlyn]

What threats do we protect ourselves from by not
publishing our DNS on the internet for everyone to see?

What would be needed to publish our DNS on the internet?

What considerations do we need to take into account?

 

[JoeyTMann]

Kind of a interesting question. Keeping your internal DNS off the internet
is the first line of security IMHO. Why tell everyone what is there?
External DNS should be small and only be the services you want to display to
the internet. Displaying your DCs and other servers just is like you walking
around in a crowded place with a sign on your back saying you have money or
other valuables in your possesion at the moment. See what I am getting at?
Just not good to advertise.

To publish your DNS on the inernet all you would really need to do is make
sure you the domain registered and the registrar knows where to send DNS
requests about your domain to. Then just allow the internet access by
opening up port 53 on your firewall or put the dns server in front of your
firewall...again probably not the best idea but I hope I answered your
questions....

Jason