Date: Fri, 28 Sep 2001 14:59:42 +0200 From: "Karl M. Joch" <k.joch@kmjeuro.com> To: freebsd-security@freebsd.org Subject: Windows 2000 Server behind IPFW/NAT tries to update external DNS? Message-ID: <3BB4743E.5080906@kmjeuro.com>
next in thread | raw e-mail | index | archive | help
i know this is quit off-topic, but i think this could affect others too. i have a FreeBSD IPFW/NAT box at a customer. they hav an windows 2000 server in their local net running on 192.168.x.x. i have no access to this server, but the admin showed me he has not clicked the register in dns button on this server as on all workstations. before doing this all of the workstations tried to update their entry in the external dns for their domain. on the workstations this worked. but the server still tries to update DNS1 and DNS2 for their domain (the local net is build up on theirdomain.tld). i blocked the access from this server to the dns and was surprised: 01300 35367 4838496 deny ip from 192.168.1.5 to 193.81.94.66 01400 58935 3418230 deny ip from 192.168.1.5 to 193.81.94.143 this stupid thing doesnt accept that there is no way to update and tries it endless. without blocking there showed up a lot of denied updates in the bind log (dns1/2) are in my server room. also if i would replace this stupid thing with samba, there is no way for it. any idea how to get this stupid M$ thing to not try to update the DNS? i know there are things in W2K regarding active directory and DNS, but still havnt found a way. -- -- Best regards / Mit freundlichen Gruessen, Karl M. Joch KMJ Consulting - CTS Consulting & Trade Service http://www.kmjeuro.com - http://www.ctseuro.com k.joch@kmjeuro.com - k.joch@ctseuro.com GSM : +43-664-3407888 Unsere Services: http://www.proline.at - Netzwerk und Sicherheitstechnik http://www.eushop.net - Onlineshop und Applikationen einfach mieten http://www.freebsd.at - Das Power Betriebssystem To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BB4743E.5080906>