I've proposed a draft before that would reserve a TLD for use on private networks, for exactly this kind of reason - to stop internal DNS naming structures leaking out to the internet in some way or another. For example if psg were using psg.pri as their internal win2k domain, (not .com) I don't believe this sort of problem would occur.
(Oh, and yes, I'd prefer Win2k wouldnt do this kind of thing at all. But it does.)
regards
Simon Coffey
Bruce Campbell wrote:
[EMAIL PROTECTED]">On Mon, 28 Jan 2002, Kevin Darcy wrote:Randy Bush wrote:so why are all these spurious updates in my logs? many hundreds a day.
28-Jan-2002 17:41:57.765 security: error: client 63.196.106.137#27584: update 'psg.com/IN' deniedWindows 2000. Don't ask me where they get the domain names from;
sometimes I think they just make them up at random. I get update
attempts for domains we haven't used in years. Reverse domains too.
Windows 2000 and (recent) friends will attempt to perfom a dynamic update
for both the domain _that the local administrator has configured_ and also
for _the IP address that it has been assigned_.
In Randy's case, its one of:
*) lots of people like 'psg.com' (hence, lots of attempted updates).
or
*) Their default search is '.com', and lots of people like 'psg'.
( Haven't seen this myself )
or
*) The logs are incorrect in recording an update attempt for
'psg.com' and are actually recording an update attempt sent
to a psg.com machine as it is a listed nameserver for a domain
that the local administrator has configured. ( Actually they
try to contact the machine in the MNAME field of the SOA record )
or
*) Something flakey (where they start off by trying to update a
domain that something.psg.com is a listed secondary for, but
end up attempting to update th e 'psg.com' itself).
Note that Microsoft has some conditionals in the code to prevent them from
attempting to send dynamic updates to 'known' root servers.
_________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
