dynamic dns errors in log?
Bill Manning
bmanning at ISI.EDU
Sun Feb 25 08:21:26 UTC 2001
Lets see, 10,000 machines, each attempting to update my server.
Sounds like a zombie DDOS to me.
and a pretty serious one at that.
%
%
% Unfortunately, "denied update" and "unapproved update" fall into the
% "security" category instead of the "update" category. So you can't really turn
% that down without blinding yourself to potentially serious attacks.
%
%
% - Kevin
%
% Robert Weber wrote:
%
% > I don't think you understood my question. How do we turn off the messages
% > from bind? I personally cannot modify the setup of the 10000+ w2k and macos
% > machines in my B class, and don't want to. I just want to turn off the
% > annoying messages to syslog.
% >
% > Robert Weber
% > University of Colorado
% > --------
% >
% > > Robert Weber <robert.weber at Colorado.EDU> wrote:
% > >
% > > >I see this all the time. Dynamic updates are off by default, and these
% > > >updates are probably from MAC OS9 machines trying to advertise their disk
% > > >shares with LOC records. If they're not mac's then they are Windows2000
% > > >machines doing the same thing. If you need this functionality, you can
% > > >setup a dynamic subdomain for W2K or OS9 or both. A question for the group:
% > > >is there any way to turn these messages off?
% > >
% > > In Win2k, dynamic updates are turned ON by default.
% > > You can disable DDNS from a Win2k workstation; see the list
% > > archives at isc.org for details. But there are cases where a Win2k
% > > Domain Controller MUST have DDNS (self-registration) enabled.
% > >
% > > <soapbox on>
% > > For all of those who are implementing (i.e., struggling with) Win2k
% > > please check the list archives. There have been a lot of postings
% > > concerning DDNS and Win2k over the past 1.5 years. I know that 99%
% > > of you who read this posting already know this. But the 99% of the
% > > people who need this information will NEVER search the achives before
% > > posting.
% > > <soapbox off>
% > > ----------------------------------------------------------------------
% > > Barry S. Finkel
% > > Electronics and Computing Technologies Division
% > > Argonne National Laboratory Phone: +1 (630) 252-7277
% > > 9700 South Cass Avenue Facsimile:+1 (630) 252-9689
% > > Building 221, Room B236 Internet: BSFinkel at anl.gov
% > > Argonne, IL 60439-4844 IBMMAIL: I1004994
% > >
% >
% > --------
% >
% > ----------
% > Status: by weberr Fri Feb 23 11:08:30 2001
% > ----------
%
%
%
%
%
--
--bill
More information about the bind-users
mailing list