Running publically facing DNS servers is often necessary in order to allow Internet resolution of your domains and services but allowing 3rd party look ups of other people’s domains and services (recursion) can create unnecessary server load and potential security problems.
Disabling recursion in BIND is involves editing the BIND configuration file (usually /etc/named.conf) and including the following configuration:
// Version obscures your BIND version information which
// protects you against attackers probing known vulnerabilities.
// Optional Ã¢â‚¬â€œ disables all transfers Ã¢â‚¬â€œ
// slaves allowed in zone clauses
// Optional Ã¢â‚¬â€œ disable all recursive queries
Once you have secured your DNS configuration restart BIND (/etc/init.d/named restart) then test that recusion is disabled by clicking here and entering your DNS server/s IP address.