How to Limit the Number of Clients To Which DNS Server Can Listen In Windows Server 2003?

By Codrut Nistor

Posted in How-to, Windows-server-2003

By default, the Windows Server 2003 DNS server listens for and responds to queries from all IP addresses that send them. In many cases this setting is left intact, as it is the best possible configuration for an ideal network scenario. In complex scenarios, however, administrators restrict the number of clients that can forward queries to a DNS server for security reasons. This configuration helps protect the DNS server from malicious or Denial of Service (DoS) attacks initiated by a hacker or anyone else with destructive intent. You can configure this setting by following the steps given below:

  1. Log on to the DNS server using an account with administrative privileges.
  2. Click the Start button.
  3. From the Start menu, go to Administrative Tools and click DNS in the submenu.
  4. In the snap-in that opens, right-click the computer name (PCTIPS-3000 in this case) and click Properties.
  5. Make sure that you are on the Interfaces tab and select the Only the following IP addresses radio button.
  6. In the IP address text box, type the IP address from which you want the DNS server to accept and respond to queries, then click the Add button.
  7. Click the OK button to accept and confirm your configuration. You can add as many IP addresses as you want, one by one.
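
To check the result, note that the addresses on the Interfaces tab appear as the local addresses the DNS service is bound to on port 53 in `netstat -an` output. The following is an added example, not part of the original post: it audits such output against the list you entered. The sample output, the address 192.168.0.10 and the choice to accept loopback are constructed assumptions.

```python
import re

# Constructed sample of `netstat -an` output (not captured from a real server).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.0.10:53        0.0.0.0:0              LISTENING
  TCP    10.0.0.5:53            0.0.0.0:0              LISTENING
  TCP    192.168.0.10:3389      192.168.0.77:49212     ESTABLISHED
  UDP    192.168.0.10:53        *:*
  UDP    10.0.0.5:53            *:*
  UDP    127.0.0.1:53           *:*
"""

# proto, local ip, local port, foreign address, optional state (TCP only)
LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def dns_listeners(netstat_text):
    """Return the set of (proto, local_ip) pairs bound to port 53."""
    found = set()
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or unrelated line
        proto, ip, port, _foreign, state = m.groups()
        if port != "53":
            continue
        # TCP rows count only when LISTENING; UDP rows carry no state column.
        if proto == "TCP" and state != "LISTENING":
            continue
        found.add((proto, ip))
    return found


def audit(netstat_text, allowed_ips):
    """Return port-53 listeners that are not on the configured list, sorted."""
    allowed = set(allowed_ips) | {"127.0.0.1"}  # assumption: loopback is acceptable
    return sorted(p for p in dns_listeners(netstat_text) if p[1] not in allowed)


if __name__ == "__main__":
    # Hypothetical configured list: only 192.168.0.10 was added on the Interfaces tab.
    for proto, ip in audit(SAMPLE_NETSTAT, ["192.168.0.10"]):
        print("unexpected DNS listener: %s %s:53" % (proto, ip))
```

A wildcard listener such as `0.0.0.0:53` is reported as unexpected, which is the sign that the service is still bound to all addresses.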