You can further enhance the security of a DNS infrastructure by separating the DNS. DNS servers can be hardened to mitigate common DNS threats. This mechanism provides distributed and fault-tolerant service and was designed to avoid a single large central database.
While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why it's there) and the bad guys can get all of it anyway.
However, if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about a possible DoS attack initiated by XFER requests, then use the following policy.
It defines the DNS protocol, a detailed specification of the data structures and data communication exchanges used in the DNS, as part of the Internet Protocol Suite.
Historically, other directory services preceding DNS were not scalable to large or global directories as they were originally based on text files, prominently the HOSTS. The Internet maintains two principal namespaces, the domain name hierarchy The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces.
Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols.
By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality of the Internet that has been in use since 1985.
Many organizations find it desirable to implement a split DNS infrastructure to support proper name resolution when the same domain name is used for both internal and external resources.
To enhance the security of a split DNS infrastructure, it is necessary to set up separate DNS servers that are both authoritative for the intranet and extranet DNS Resource Records.
With hundreds of millions of hosts and billions of web pages it is an impossible task - it's also pretty daunting even with just a handful of hosts and resources.
To solve this problem, the concept of Name Servers was created in the mid-70s to enable certain attributes (properties) of a named resource to be maintained in a known location - the Name Server.
The Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network.