dnswatchdog.io docs

Port 53: DNS

Open DNS port detected on a publicly accessible host.

Severity: Warning | Port: 53

What is DNS?

DNS (Domain Name System) is the internet's phone book. When you type a website address like example.com, a DNS server translates that name into an IP address your computer can connect to. DNS servers listen on port 53 for these lookup requests.

Why this is a problem

If a DNS server is configured as an "open resolver" — meaning it answers DNS queries from anyone on the internet — it can be abused in DNS amplification attacks. Attackers send small DNS queries with a forged source address (the victim's IP), and the DNS server sends much larger responses to the victim, overwhelming them with traffic.

What you should do

  • If this host is not intended to be a public DNS server, disable the DNS service and close port 53
  • If it is a DNS server, configure it to only respond to queries for domains it is authoritative for (disable recursive queries for external clients)
  • Implement rate limiting to reduce the impact of amplification abuse
  • Use response rate limiting (RRL) if your DNS software supports it
