Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

MS. DNS

0 views
Skip to first unread message

Sangbutsarakum, Patai

unread,
Nov 21, 2000, 3:00:00 AM11/21/00
to

Hi folk
Have any guys found the messages

Nov 20 07:46:29 dns2 named[24865]: unapproved update from [1.2.3.4].8034
for can.co.th
on BIND 8.2.2-P5 on Solaris,
Looks like it come from the NT server that connect on the network. How
can I stop this messages?

Patai Sangbutsarakum (Patrick)


Vyto Grigaliunas

unread,
Nov 21, 2000, 3:00:00 AM11/21/00
to

Hi...

> From the desktop:
> 1 - Right-click the "My Network Places" icon, and select "Properties"
> 2 - Double-click the "Local Area Connections" icon
> 3 - Click "Properties" button
> 4 - Select "Internet Protocol (TCP/IP)", then click the "Properties"
> button
> 5 - Click the "Advanced" button
> 6 - Select the "DNS" tab
> 7 - Uncheck the "Register this connection's addresses in DNS" option
> 6 - Click the "OK" and "Close" buttons to back out and close windows

I'm not a WinNT/2000 administration expert, but does anyone know whether there
is a way to disable this domain-wide (NT/2000 domain, that is)...like via the
domain policies or something ??? Or does it need to be done on each individual
Win2000 system ???

TIA

Vyto G.

"Karma Crayona" <kar...@my-deja.com> wrote in message
news:8veer2$tpi$1...@nnrp1.deja.com...
> In article <8B0101D32365D4119D3900508BD8A61F2AEFEE@thcwtx01>,


> "Sangbutsarakum, Patai" <pat...@cwasia.net> wrote:
>
> > Nov 20 07:46:29 dns2 named[24865]: unapproved update from
> [1.2.3.4].8034
> > for can.co.th
> > on BIND 8.2.2-P5 on Solaris,
> > Looks like it come from the NT server that connect on the network. How
> > can I stop this messages?
>

> It sounds more like a Windows 2000 host is trying to register itself
> dynamically. If so, log in as administrator on the machine at [1.2.3.4]
> and do the following:
>
> From the desktop:
> 1 - Right-click the "My Network Places" icon, and select "Properties"
> 2 - Double-click the "Local Area Connections" icon
> 3 - Click "Properties" button
> 4 - Select "Internet Protocol (TCP/IP)", then click the "Properties"
> button
> 5 - Click the "Advanced" button
> 6 - Select the "DNS" tab
> 7 - Uncheck the "Register this connection's addresses in DNS" option
> 6 - Click the "OK" and "Close" buttons to back out and close windows
>
> You should not have to reboot for this to take effect. I hope this
> helps,
>
> --
> Karma C.
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
>
>

Kevin Darcy

unread,
Nov 21, 2000, 3:00:00 AM11/21/00
to

Sangbutsarakum, Patai wrote:

> Hi folk
> Have any guys found the messages
>

> Nov 20 07:46:29 dns2 named[24865]: unapproved update from [1.2.3.4].8034
> for can.co.th
> on BIND 8.2.2-P5 on Solaris,
> Looks like it come from the NT server that connect on the network. How
> can I stop this messages?

The only way to stop the messages is to stop the remote machine from
generating them in the first place, or to tune your logging for the
"security" category, but this is probably not a good idea since then you
could blind yourself to more serious security events.

By the way, there are DoS exploits for 8.2.2-p5. Upgrade to p7.


- Kevin

Christian Krackowizer

unread,
Nov 22, 2000, 3:00:00 AM11/22/00
to

At 14:54 21.11.2000 -0600, you wrote:

>Hi...
>
> > From the desktop:
> > 1 - Right-click the "My Network Places" icon, and select "Properties"
> > 2 - Double-click the "Local Area Connections" icon
> > 3 - Click "Properties" button
> > 4 - Select "Internet Protocol (TCP/IP)", then click the "Properties"
> > button
> > 5 - Click the "Advanced" button
> > 6 - Select the "DNS" tab
> > 7 - Uncheck the "Register this connection's addresses in DNS" option
> > 6 - Click the "OK" and "Close" buttons to back out and close windows
>
>I'm not a WinNT/2000 administration expert, but does anyone know whether there
>is a way to disable this domain-wide (NT/2000 domain, that is)...like via the
>domain policies or something ??? Or does it need to be done on each individual
>Win2000 system ???

shoot the following lines into every's machine registry

REGEDIT4

: kein dynamisches DNS-Update - bei statisches DNS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP\Parameters]
"DisableDynamicUpdate"=dword:00000001
"DisableReverseAddressRegistrations"=dword:00000001


with best regards

Christian Krackowizer
schuler technodat GmbH
Jakob-Haringer-Strasse 6
A-5020 Salzburg
Phone: +43(0)662/2282-0
FAX: +43(0)662/2282-9
e-Mail: ckrac...@std.schuler-ag.com

0 new messages