Re: Strange parent Domain host record
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Wed, 13 Dec 2006 13:06:10 -0600
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE863F88-E8B7-405B-80BA-F2C83BD7CFD9@xxxxxxxxxxxxxxxx
Oh my do I feel silly. It is an APIP address. 169.254.72.238 I wonder
how
it got stuck in there.
Usually from RRAS -- either VPN or Dial interface which was
created but never given an IP. The system has to obtain IPs for
itself and any connecting station so it uses APIPA.
Otherwise it is likely for a NIC on a server which was never
configure BUT also never disabled.
Either assign addresses or disable (or remove) such interfaces
whether in RRAS or real NICs.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE863F88-E8B7-405B-80BA-F2C83BD7CFD9@xxxxxxxxxxxxxxxx
Oh my do I feel silly. It is an APIP address. 169.254.72.238 I wonder
how
it got stuck in there.
"Herb Martin" wrote:
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2364C40B-3CB4-42B4-A5F8-16C9827DD7D3@xxxxxxxxxxxxxxxx
It's an AD integrated zone with secure only updates. The IP address is
a
public IP address that does not belong to our organization (I who is'd
it).
I have no idea how a registration could get through my firewall which
is
locked down pretty tight. IPConfig on all name servers does not show
this
IP address. I am the only admin with access to these servers.
What is the address? The actual number. Maybe that will offer a hint.
For instance, 169.254.x.y is NOT an "external" address.
Type is host record not name server. I am going to delete the record
once
again, perhaps I missed one of the servers on the first go around and
it
replicated back in. One question though could a record like this cause
resolution issues for the clients?
Yes.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"Herb Martin" wrote:
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3BBDAB30-29A2-4534-B151-D28B7C2B7BFF@xxxxxxxxxxxxxxxx
I have a domain host record in my forward lookup zone that points to
an
IP
address on the Internet that does not belong to my organization. I
tried
deleting it from all my DNS servers and it reappeared. The host
record
is
for the my domain name. In other words the name of the record is
"(same
as
parent folder)".
It's not your public web server is it? (It would be normal
to have this appear in a DNS zone that didn't support AD.)
It's not for a DC with a Public address is it? (Even if the
DC has multiple NICs.) DCs all dynamically register the
same as parent domain name record.
What type of DNS do you have? Primary? Or AD Integrated?
Are you using AD with "Secure Updates Only" (you should.)
How would such a registration get through your firewalls if
it comes from outside?
Is some other admin (or hacker with admin privileges) creating
this for some good or bad purpose?
The only other host records similar to this are my DNS
servers. I am concerned as to how this appeared and what I can do
to
get
rid
of it. Any help would be appreciated. Thanks in advance.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
.
- References:
- Re: Strange parent Domain host record
- From: Herb Martin
- Re: Strange parent Domain host record
- From: Herb Martin
- Re: Strange parent Domain host record
- From: APT SA
- Re: Strange parent Domain host record
- Prev by Date: CNAME problem
- Next by Date: Re: dnsupdateproxy group OR DHCP with registration credentials
- Previous by thread: Re: Strange parent Domain host record
- Next by thread: Re: Strange parent Domain host record
- Index(es):
Relevant Pages
|
