Date: Thu, 24 Aug 2000 11:15:33 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: Igor Roshchin <str@giganda.komkon.org>, security@FreeBSD.ORG Subject: Re: named -- unapproved update (?) Message-ID: <v04210101b5cadbb0d1c5@[128.113.24.47]> In-Reply-To: <200008240457.AAA03676@giganda.komkon.org> References: <200008240457.AAA03676@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:57 AM -0400 8/24/00, Igor Roshchin wrote:
>Immediately, I started seeing a message:
>Aug 21 18:18:31 <daemon.notice> MYHOST named[1480]:
> unapproved update from [XXX.XXX.XXX.NNN].4110 for clientdomain.com
>where "clientdomain.com" - is one of the local domains,
>and apparently the quering host is in that domain...
>
>Unfortunately currently I have no access to that box, and
>all I know that it's running Windows (2000?). I am sure it
>does not have MYHOST in any of the configurations.
>
>Questions:
>1. What those requests mean ?
>2. What are the possible reasons for them ?
With Win2k, microsoft uses DNS for a number of things. Part
of this is that each win2k client will, BY DEFAULT, want to
do dynamic DNS updates of whatever DNS server it feels is the
right one to register with.
>3. How did [could ?] that host discover the DNS running,
> except for by scanning all local hosts ? Why would it
> do that ?
That's a good question, I don't know. It should be discovering
it via dhcp. How does that win2k machine get it's IP config?
>Or is it just Windows 2000 strangeness ? If so, is there is
>any way to get rid of those annoying messages ?
There is an option hidden away in the control panels. During
install it's in the 'advanced options' part of the tcp/ip
config. After install, you have to go into:
Control Panels/
Network & Dialup Connections/
Local Area Connection
Then click on the 'Properties' button,
Then select "Internet Protocols (TCP/IP),
Then click on "Properties",
Then click on "Advanced"
Then click on the tab setting for "DNS",
And at the bottom of the dialog window you'll see a checkbox
for the "Register this connection's addresses in DNS" option.
You want that checkbox to be off.
Simple, isn't it?
---
Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu
Senior Systems Programmer or drosih@rpi.edu
Rensselaer Polytechnic Institute
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04210101b5cadbb0d1c5>