Hide subdomains from scan tools

domain-name-system subdomain cloudflare

How can I hide the subdomains list from scan tools like dnsdumpster? I have some subdomains, where I keep dev versions of my projects.

I need to be sure that nobody can know about subdomains.


If your dev versions of your sites with the subdomains that you do not want to be publicly obvious are all located on the same host. Thus your dev sites just use host headers, then you could just use a wild card entry in your DNS to point to your host. It doesn't really hide anything other than the fact that now you do not have to create any entries in your DNS for those subdomains and thus do not show up in any tools that list out all your DNS entries.


You can't. It would defeat the primary purpose of the dns system: To map ip addresses to domain (or subdomain) names. For that reason all dns entries are public.

Also see Domain Name System

A security related note: Development versions of your projects should not be publicly available on the internet. If they have to, they should at least be protected to persons that do need to have access, for example by limiting access to certain ip addresses or by using a password protection.

Related

Why doesn't libvirt cooperate with iptables on fedora 32
nginx: combine Expires and Cache-Control: immutable headers
Server Uptime Reporting and Tracking
Free hex file viewer [closed]
Account lockout
What inconsistencies should I expect between WAMP and LAMP stacks? [closed]
Should I install antivirus in Windows 7 RC XP Mode?
Google Contacts on IP phones via asterisk PBX
Good Linux podcasts/links for beginners [closed]
Using SQL Server 2008 Management studio to connect to SQL Server 2005 databases
Are there any FIPS-140-2 certified solutions for Linux? [closed]
How long should we wait before deploying Vista / Server2008 SP2