On Windows machines, you can disable recursive DNS:
On Linux machines, there are a few common DNS servers:
BIND:
Open your BIND configuration file
In the ‘options’ section, make sure you have ‘recursion no;’ and ‘additional-from-cache no;’
Restart BIND after making any changes
DNSMasq:
Unfortunately, there is not a straight forward way to disable this within DNSMasq. You would either need to modify the DNSMasq configuration so that it no longer listens on public IP addresses, or firewall off UDP port 53 to all hosts except your desired ones.
If for some reason you cannot make the necessary changes and you are not hosting your own DNS, we would suggest that you firewall off all incoming UDP port 53 traffic.
]]>