Overview
DNS recursion is enabled by default on your Windows 2008 server. With recursion enabled, the DNS server queries other DNS servers on behalf of the requesting client to fully resolve the name, before sending the answer back to the requesting client. Since this setting can increase your vulnerability to a DNS amplification attack, you should disable this option on your server if your DNS server is not intended to receive recursive queries.
This article explains how to enable or disable DNS recursion on your Windows 2008 server.
Instructions
1) Connect to your server via RDP (Remote Desktop Protocol) using your administrator credentials. You can locate your administrator credentials via your Control Panel (https://manage.myhosting.com) under the Windows VPS > Virtual Machine section.
2) Navigate to Administrative Tools > DNS within the Start menu.
3) In the DNS manager, right-click your DNS server and choose Properties.
4) To enable your Windows 2008 Server’s DNS recursion functionality, make sure the checkbox for Disable recursion (also disables forwarders) is NOT checked.
To disable your Windows 2008 Server’s DNS recursion functionality, make sure the checkbox for Disable recursion (also disables forwarders) is checked.
5) Click Apply and close the window by clicking OK.
6) To apply the changes, right-click your DNS server, then choose All Tasks > Restart.
* Alternatively, you can disable DNS recursion from the command line. Open a command prompt on your server with administrative access (right-click Command Prompt and choose Run as Administrator).
Use this command: dnscmd localhost /Config /NoRecursion 1
This command turns off DNS recursion on your DNS server.
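To confirm the change from another machine, you can send your server one query with the "recursion desired" (RD) bit set and check whether the reply carries the "recursion available" (RA) bit defined in RFC 1035. The Python script below is an added example, not part of the original article; the function names, the default query name example.com and the sample headers are assumptions made for illustration.

```python
import socket
import struct

RD = 0x0100  # "recursion desired": set by the client in the query
RA = 0x0080  # "recursion available": set by the server in its response
QR = 0x8000  # message is a response


def build_query(name, txid=0x1234):
    """Build a DNS query (type A, class IN) with the RD bit set."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_header(response):
    """Decode the parts of the 12-byte DNS header that matter here."""
    if len(response) < 12:
        raise ValueError("truncated DNS response")
    txid, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", response[:12])
    return {"txid": txid, "is_response": bool(flags & QR),
            "ra": bool(flags & RA), "rcode": flags & 0x000F,
            "answers": ancount}


def recursion_offered(response, txid=0x1234):
    """True if a matching response advertises recursion (RA bit set)."""
    h = parse_header(response)
    if not h["is_response"] or h["txid"] != txid:
        raise ValueError("not a response to our query")
    return h["ra"]


def check_server(server_ip, name="example.com", timeout=3.0):
    """Query your own server once; name must be a zone it does not host."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server_ip, 53))
        data, _ = sock.recvfrom(4096)
    return recursion_offered(data)


# Constructed headers, not captured traffic: 0x8180 = QR+RD+RA, 0x8100 = QR+RD.
SAMPLE_RECURSION_ON = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
SAMPLE_RECURSION_OFF = struct.pack("!HHHHHH", 0x1234, 0x8100, 1, 0, 0, 0)

if __name__ == "__main__":
    print(recursion_offered(SAMPLE_RECURSION_ON), recursion_offered(SAMPLE_RECURSION_OFF))
```

Call check_server() with your server's IP address after restarting the DNS service; a result of False means the server no longer advertises recursion to that client.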
Conclusion
After following the steps above, you should now have successfully enabled or disabled your Windows 2008 Server’s DNS recursion functionality.