Closure of connection to off-site DNS services from within CERN

The Internet Domain Name System (DNS) service is a mechanism that translates the names of computers into IP addresses (a sort of telephone book). For reasons of security, users of computers on the CERN site are required to use only the DNS services supported centrally by IT. This is to avoid possible breaches of the CERN Central Firewall, as well as assorted vulnerabilities in DNS code that criminals have recently exploited. The DNS service uses IP port 53, which is already blocked coming into CERN, and which will be blocked in the outward direction from 28 October.

For correctly configured CERN machines or any portable using automatic configuration (via the DHCP protocol), this change will be transparent. However, portable machines brought onto the CERN site which are not set up to use DHCP will need to have the IP address of the CERN DNS services correctly set in their configuration. How to do this is explained in http://cern.ch/dns.

In case of questions on this topic, contact the helpdesk (helpdesk@cern.ch).

CERN IT Department