Hide subdomains from scan tools

How can I hide the subdomains list from scan tools like dnsdumpster? I have some subdomains, where I keep dev versions of my projects.

I need to be sure that nobody can know about subdomains.


If your dev versions of your sites with the subdomains that you do not want to be publicly obvious are all located on the same host. Thus your dev sites just use host headers, then you could just use a wild card entry in your DNS to point to your host. It doesn't really hide anything other than the fact that now you do not have to create any entries in your DNS for those subdomains and thus do not show up in any tools that list out all your DNS entries.


You can't. It would defeat the primary purpose of the dns system: To map ip addresses to domain (or subdomain) names. For that reason all dns entries are public.

Also see Domain Name System

A security related note: Development versions of your projects should not be publicly available on the internet. If they have to, they should at least be protected to persons that do need to have access, for example by limiting access to certain ip addresses or by using a password protection.