Simple DNS Plus 8.0 Build 108 (x64) | 11.7 Mb
The simple yet powerful DNS server for Windows. What makes Simple DNS Plus "easy" is the user interface and automation features. All options and settings are available directly from the intuitive Windows interface. It includes general-purpose wizards, such as setting up new zones, importing data, performing bulk updates, and so forth. You never have to bother with cryptic configuration files or registry settings.
Newbies can set up their DNS server correctly and securely in no time. But make no mistake – Simple DNS Plus is a very powerful and fully featured DNS server, and it offers many options for advanced users who can customize it as they please.
Authoritative and recursive DNS server (resolver and cache)
All the DNS server features and functionality you need to host DNS for domain names, assign domain names to computers and devices, create and delegate subdomains, resolve other domain names on the Internet, and accelerate Internet access through centralized DNS caching, and more.
High performance DNS server engine and user interface
Ideal for hosting and managing a few domains up to 100,000 domains.
The UI is optimized for processing really large domain name portfolios.
Simple DNS Plus provides options for configuring all aspects of DNS services, including many unique but important options that are not available in competing products, such as: For example, the ability to limit recursion by IP address. The options are clear and easy to manage in a central options dialog available directly from the first toolbar button in the main program window.
Of course, the software is preconfigured with settings suitable for most users.
Remote Management / Windows Server Core
The Simple DNS Plus user interface can be run on a desktop computer that connects to a remote Simple DNS Plus server so that the server can be easily and quickly managed without Remote Desktop, VNC, or anything similar.
You can even remotely manage a Simple DNS Plus service running on Windows Server Core (not a GUI on the server).
Direct support for dynamic IP clients
Simple DNS Plus supports TSIG-authenticated dynamic DNS updates.
This update method is more efficient than the HTTP-based and other proprietary update methods that are typically used because they are done directly through the DNS protocol.
Several dynamic IP updater applications can be used.
Setup tutorials are provided for DynSite and DirectUpdate.
Simple DNS Plus can also be used as a dynamic DNS service for more general HTTP-based update clients, either with the DynDNS service plug-in or with a web server frontend. ASP.NET and classic ASP sample code are available here.
Full support for IDNs (internationalized domain names)
In Simple DNS Plus, you can enter domain names with native characters directly (no Punycode conversion required). In addition, you can view native character or punycoded domain names anywhere in the interface and quickly switch between these modes.
Simple DNS Plus offers full support for IPv6.
Easy to integrate into other applications
You can create DNS records or entire DNS zones from other applications or Web sites, and request Simple DNS Plus to dynamically load and use them via our REST / JSON-based HTTP API.
The HTTP API allows you to control just about anything in the software.
We provide a Swagger / OpenAPI specification file for the HTTP API for use with a long list of automation tools – for example, to generate client code in virtually any programming / scripting language.
You can explore, play, and test the HTTP API using the Swagger interface. Check it out
Simple DNS Plus also allows you to connect to other applications and data from different sources via different plug-ins and can be extended by an open plug-in architecture.
100% of .NET managed code
This provides excellent performance – even on 64-bit computers running Simple DNS Plus in native 64-bit mode.
And that's very safe, as common security issues like buffer overflows just can not occur.
Strong security features:
Protects against DNS spoofing (a.k.a. "Cache poisoning")
"DNS spoofing" is a term for malicious cache poisoning in which fake data is stored in the cache of the DNS server.
Spoofing attacks can cause serious security issues, such as: For example, users may be redirected to incorrect Internet pages, or e-mail messages may be forwarded to unauthorized mail servers.
Simple DNS Plus automatically protects this in a number of ways:
- Incoming answers that do not match a sent request are automatically filtered out.
- All records in received DNS responses are checked for authority, and records for which the answering DNS server has no permission are ignored.
- It uses random request IDs.
- It sends outbound DNS requests from random port numbers (a.k.a. "Port Randomization").
- It queues identical requests to prevent "birthday attacks".
- It has the option "Ignore answers that are not from the IP address to which the request was sent".
- There is an option to "ignore responses that do not repeat the request question pane."
- It is possible to randomly create the letter shell of the query name of outgoing DNS requests and accept only responses that correctly reflect this (DNS0X20).
Restrict recursion to client IP address
You can specify for which clients (by IP address / subnet) the server should recursion.
Answer filtering stops "DNS recovery attacks"
Web browsers generally allow any script, Java object, Flash object, etc. to communicate over HTTP / TCP with the server that has hosted a web page as long as that web page is open in the browser. This is controlled by the host name specified in the web page URL. A "DNS Rebinding Attack" occurs by quickly expiring the DNS record for the hostname (low TTL and other tricks) and then providing a new IP address for the hostname in response to the next DNS request (" re-binding "). ). The new IP address would be the private / local IP address of an intranet server or device at your site. With a bit of scripting, the attacker can use your browser as a gateway to your entire intranet – completely bypassing your firewall. The same attack may be possible with other Internet applications that rely on hostnames for security reasons. Browser companies are taking steps to prevent this in new browser versions. However, it is much more efficient and secure to stop this type of DNS-level attack by filtering private / local IP addresses in DNS responses from external DNS servers.
Option "stealth DNS"
A hacker can use a software utility called a "DNS port scanner" to search for potential targets. This software sends dummy DNS requests to a range of IP addresses on different service ports to only register which addresses / ports are responding.
All addresses / ports that responded are then further examined for possible vulnerabilities.
Simple DNS Plus has a special "stealth" option that makes it invisible to such DNS port scanners by not responding to a DNS request, unless it is data in or from local zones a recursion offered by the client.
Safe zone transmissions
Avoid exposing all your server addresses and other potentially sensitive information by limiting who can zone your zones.
Simple DNS Plus supports secure zone transfer (TSIG authenticated). Both zone transfer requests and responses are authenticated, so this provides protection in two ways. It prevents unauthorized transfers (only persons / servers with the correct key can be transferred), and it ensures data integrity on secondary servers (incorrect data can not be forged / inserted during transmission).
Zone transfers can also be restricted by the IP address if the secondary DNS server does not support TSIG signed zone transfers (less secure, but much better than having a zone transfer your data).
Block the IP address
Ignore packets from known perpetrators (by IP address). They indicate how long a block should remain in effect and indicate why the IP address was blocked for easy access. Such comments are also displayed in the log if requests from the IP address are ignored.
IP addresses that make too many requests to respond quickly (possible DoS attack) can either be automatically added to the blacklist or the rate is limited.
An editable list of trusted IP addresses is not subject to automatic blocking / rate limiting.
Windows® 10, Windows® 8 / 8.1, Windows® 7
start page –
Recommend Link Hight Speed | Please say Many Thanks Keep the topic live