Re: DNS cache corruption

Thanks. I will try that. Microsoft also has us running a bunch of kernel
scanners to see if the local machine has been comprimised. No Spyware,
Adware or viral activity is found. Nothing in any task scheduler. No
unknown processes or services running....

Wierd.

Kevin

"Brian S. Bergin" <net.terabyte@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:aku451tkceg2eroef6hte8clvtkgelaimc@xxxxxxxxxx
> "Microsoft support" <knickell@xxxxxxxxxx> wrote:
>
>>I have a horribly confusing problem. Have a client who three times in the
>>last week has had every entry in their DNS cache on a windows 2000 server
>>set to the same IP address. The address, all three times, resolves to
>>www.jothan.com. Every website not resolved directly by the internal DNS
>>server redirects to jothan.com. The reason I worry about this is that
>>this
>>is a site run by Jothan Frakes who is a DNS TLD expert influential with
>>ICANN. If I simply clear the DNS cache, it is not fixed and the cache
>>sets
>>every entry back to the ip of www.jothan.com. If I restart the DNS
>>server,
>>then clear the cache it is fine for a day or so.
>>
>>The second worry I have is that this issue started first thing the morning
>>of April fools day.
>>
>>Anyone with any idea whatsoever? They are using root hints and we
>>switched
>>to forwarders, just in case.
>>
>>Kevin Nickell
>>
>
> Have you enabled DNS Cache Pollution protection? In the DNS MMC,
> right click on the server name, Properties, Advanced, "Secure Against
> DNS Cache Pollution".
>
> Sincerely,
> Brian S. Bergin
> Terabyte Computers, Inc.
>
> Please post replies here so everyone may benefit.
>
> NOTICE: Use of this information is contingent upon acceptance of Paragraph
> 17 of Terabyte's Terms and conditions located at
> http://terabyte.net/terms.htm#postings.


.

Relevant Pages

  • Re: DHCP and print servers
    ... I noticed that the DHCP server says it is not connected when I first go into ... It is SBC 2003 SP1. ... Clear the DNS cache on the two affected machines. ...
    (microsoft.public.windows.server.setup)
  • Re: custom local web opening to server default page
    ... The DNS cache must have been the cause since it was happening on just ... I restarted DNS on the server after I ... noticed the problem but didn't restart the workstations! ...
    (microsoft.public.windows.server.sbs)
  • Re: Web Services DNS Round Robin
    ... So would any software load balancing scheme and you wouldn't need the ... That is, either server could ... >> This is used to allow a DNS Cache to choose who to call. ... >>> How to balance load among many web servers ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: DNS cache corruption
    ... >server redirects to jothan.com. ... If I simply clear the DNS cache, it is not fixed and the cache sets ... >every entry back to the ip of www.jothan.com. ... Have you enabled DNS Cache Pollution protection? ...
    (microsoft.public.win2000.dns)
  • Re: SBCore shutdown event 1012
    ... No flushing the DNS cache did not remove the callouts regarding multiple DNS ... There are no other servers on the network. ... from the SBS server, all connected through the server to a T1 line. ...
    (microsoft.public.windows.server.sbs)