Do I actually need a DNS service on a remote dedicated server
Without access to the server it's quite hard to tell exactly if it's needed or not, but it sounds like you're running a public DNS server since it's been targeted by exploits.
The only reason to run a DNS server on the public Internet is to serve records, so I'd be surprised if someone set it up correctly without any need for it.
The best place to start is to investigate the DNS records of your domains.
For example, let's say your company owns the domains example.com and example.org. Check that neither domain's name server (NS) records point to that particular server.
Another way to check this same thing is to open mmc.exe on the server and add the DNS snap-in. Look under Forward Zones to see what kind of records the server is configured to serve.
It sounds like DNS recursion is enabled; fortunately it is an easy one to answer:
- Check for any Forward or Reverse Lookup Zones.
- If there are any forward zones, check the nameserver records at the registrar for those domains, and make sure they are not pointed to the DNS server.
- If they are not, turn off DNS completely.
- If they are, disable recursion on the server.
Before doing the last two, make sure you change the server’s DNS server IP address(es) in the network configuration to alternate servers, as more often than not when a DNS server has recursion enabled, it will resolve records to itself.
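The checks in the answers above (which domains' NS records point at this server, what zones it hosts, whether recursion is on, and whether the box uses itself as its resolver) can be scripted. The following is an added example, not code from either answer; it assumes a Windows Server with the DNS role (the DnsServer and DnsClient PowerShell modules) and uses 1.1.1.1 and 8.8.8.8 as placeholder upstream resolvers. Nothing is changed unless you pass -Apply.

```powershell
# Added example: audit a Windows DNS Server and decide between "turn DNS off"
# and "keep serving zones but disable recursion", then optionally apply it.
# Assumptions: DnsServer + DnsClient modules present, run from an elevated
# prompt, 1.1.1.1 / 8.8.8.8 are acceptable upstream resolvers (placeholders).
[CmdletBinding()]
param(
    [switch]$Apply,
    [string[]]$UpstreamResolvers = @('1.1.1.1', '8.8.8.8')
)

# Every non-loopback, non-link-local address this host answers on. An NS host
# that resolves to one of these means the public delegation points at us.
$myAddresses = (Get-NetIPAddress |
    Where-Object { $_.IPAddress -notmatch '^(127\.|::1$|fe80:)' }).IPAddress

# Step 1: list forward and reverse lookup zones, skipping the built-in
# auto-created ones (0/127/255.in-addr.arpa) and the TrustAnchors zone.
$zones   = Get-DnsServerZone |
    Where-Object { -not $_.IsAutoCreated -and $_.ZoneName -ne 'TrustAnchors' }
$forward = $zones | Where-Object { -not $_.IsReverseLookupZone }
$reverse = $zones | Where-Object { $_.IsReverseLookupZone }
"Forward lookup zones: $($forward.ZoneName -join ', ')"
"Reverse lookup zones: $($reverse.ZoneName -join ', ')"

# Step 2: for each forward zone, ask a public resolver (never this server)
# for the delegated NS records and check whether any of them resolve to us.
$delegatedHere = @()
foreach ($zone in $forward) {
    $ns = Resolve-DnsName -Name $zone.ZoneName -Type NS -Server $UpstreamResolvers[0] -ErrorAction SilentlyContinue |
          Where-Object { $_.Type -eq 'NS' }
    foreach ($record in $ns) {
        $ips = (Resolve-DnsName -Name $record.NameHost -Type A -Server $UpstreamResolvers[0] -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'A' }).IPAddress
        if ($ips | Where-Object { $myAddresses -contains $_ }) {
            "$($zone.ZoneName): NS $($record.NameHost) points at this server"
            $delegatedHere += $zone.ZoneName
        }
    }
}

# Step 3 (must happen before stopping DNS or disabling recursion): make sure
# the server's own DNS client is not pointed at itself, or the box loses
# name resolution as soon as the service stops answering recursive queries.
$selfReferencing = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses | Where-Object { $_ -eq '127.0.0.1' -or $myAddresses -contains $_ } }
foreach ($nic in $selfReferencing) {
    "$($nic.InterfaceAlias) resolves via this server ($($nic.ServerAddresses -join ', ')); switching to $($UpstreamResolvers -join ', ')"
    if ($Apply) {
        Set-DnsClientServerAddress -InterfaceAlias $nic.InterfaceAlias -ServerAddresses $UpstreamResolvers
    }
}

# Step 4: decide. No delegation pointing here means nothing on the Internet
# needs this server to answer queries, so stop and disable the service.
# Otherwise keep serving the zones but refuse recursive queries.
if ($delegatedHere.Count -eq 0) {
    "No public delegation points at this server: the DNS Server service can be turned off."
    if ($Apply) {
        Stop-Service -Name DNS
        Set-Service  -Name DNS -StartupType Disabled
    }
} else {
    "Authoritative for: $(($delegatedHere | Sort-Object -Unique) -join ', ')"
    if ((Get-DnsServerRecursion).Enable) {
        "Recursion is enabled; disabling it."
        if ($Apply) { Set-DnsServerRecursion -Enable $false }
    } else {
        "Recursion is already disabled."
    }
}
```

Run it once without -Apply and read the report, then again with -Apply. If the server sits behind NAT, its public address will not appear in Get-NetIPAddress, so add that address to $myAddresses by hand or the delegation check will wrongly report that no NS record points here. The NS lookup deliberately goes to an external resolver rather than the local service, since a recursive server will happily answer for zones it hosts regardless of what the registrar has published.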