Re: What is prisoner.iana.org
- From: "Kerry Brown" <kerry@xxxxxxxxxxxxxxxxxxx*a*m>
- Date: Tue, 13 Dec 2005 15:55:43 -0800
Ian Henderson wrote:
> I have a PC installed with Windows XP SP2, authenticating to a
> network, the Domain Controller for which is running Windows 2000
> Service Pack 4.
> Recently I've noticed that at regular intervals (every hour/90
> minutes), my PC writes the following entry into the System Event Log:
>
> Source: LSASRV
> Category: SPNEGO (Negotiator)
> Type: Warning
> Event ID: 40961
>
> Description: The Security System could not establish a secured
> connection with the server DNS/prisoner.iana.org. NO authentication
> protocol was available.
>
> When I researched Event ID 40961 on the Microsoft website, it seemed
> to indicate that this error would normally appear after promoting a
> Windows 2003 server to Domain Controller. However, I'm not running
> Windows 2K3 anywhere on my network.
>
> To the best of my knowledge, this error does not appear on my (newly
> rebuilt) server, or indeed on my laptop. It seems only to be on this
> one PC. Furthermore, the PC is hanging, for no apparent reason. Although
> it doesn't do this after each time the above error has been
> written into the log, it certainly seems that, now and again, the PC
> hangs/crashes after this entry has been written.
>
> I have the following questions:
>
> 1. What is causing this warning to be written to the system log;
> 2. What can I do to stop this warning appearing in the future;
> 3. Is this warning a notification of something taking place that is
> subsequently causing my machine to hang now and again;
>
> For anyone who's wondering, I've also got the most uptodate version of
> Microsoft AntiSpyware on my PC. Although I know that this doesn't
> catch everything that tries to get through, it certainly grabs a fair
> amount of stuff. Also, I'm fairly sure that my crashing problem is
> not caused by hardware such as memory, because I'm not seeing a BSOD
> when the machine crashes.
>
> I hope that someone can help me. I'm on the point of being about to
> rebuilt my PC in the hope that it will cure the problem. However, I
> don't want to do that if the problem is going to recur as the result
> of something being incorrectly set, either on the PC or on the Server.
>
> TIA
Your DNS server may not have reverse lookup zones implemented. Something is
trying to do a reverse lookup (by IP) of a private address (your network)
and your DNS server is trying to find the authoritative DNS server. As it is
a private IP address your server should be authoritative. Prisoner.iana.org
is a black hole server so the request doesn't propagate all over the net.
Here is a link for how to configure a reverse lookup zone:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cncf_imp_dewg.asp
If you don't have reverse lookup zones set up then try setting them up and
see if the warning goes away. If it doesn't post back as there are other
possible causes. Note: the entry is just a warning. Your network will most
likely work just fine without reverse zones. It will be slightly more
efficient with them.
Kerry
.
- Follow-Ups:
- Re: What is prisoner.iana.org
- From: Ian Henderson
- Re: What is prisoner.iana.org
- References:
- What is prisoner.iana.org
- From: Ian Henderson
- What is prisoner.iana.org
- Prev by Date: Re: I am threatened ... and scared. Help, please
- Next by Date: Re: Is it true about NTFS
- Previous by thread: What is prisoner.iana.org
- Next by thread: Re: What is prisoner.iana.org
- Index(es):
Relevant Pages
|
|
