No subject


Tue Apr 2 00:56:56 UTC 2013 

to be part of your xxx.com domain?  If they are supposed to be part of your
domain, don't you have any contact with that person's administration to have
them change it?  If they aren't supposed to be part of your domian, you
should kindly, but firmly, tell them to change or else you are going to have
to take other measures.

Worst case scenario, block the person's IP/subnet in your packet filtering.

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com
----- Original Message -----
From: "Bill Manning" <bmanning at ISI.EDU>
To: "Charles Quesenberry" <charles.quesenberry at allwho.com>
Cc: <comp-protocols-dns-bind at moderators.isc.org>
Sent: Monday, March 26, 2001 11:38 AM
Subject: Re: Win2K picking away at my named


>
>  While this is a really fine description of the handholding needed to
correct
> a behaviour that some would consider "misbehaved" there is no way that I
can
> bill these support hours to Microsoft.  Bemoaning the fact that my logs
run
> about 1G/day with this tripe lead one enterprising suggestion that a VB
virus
> be constructed that, when opened, would make the modifications w/o user
> intervention. Much less handholding.  Trouble is that it is
morally/ethically
> unsound. Its is also true that I have no desire to open the shrinkwrap on
> VB and learn to craft such an abhorent thing.
> Disk is cheap.
>
>
>
> %
> %
> % Mr. Blinder,
> %
> % I would imagine that your best bet to "make him go away" would be to
educate him
> % or her.
> %
> % By default, when you install a nic and create a network connection,
Microsoft
> % (applying their "We rule the world" mentality) Windows 2000 configures
the
> % Operating System to automatically register the system's address in the
DNS.  So,
> % if this user is using Windows 2000 and he has your DNS server listed in
his
> % settings, the Operating System is trying to register his IP and machine
name in
> % your DNS server.  The user is probably completely unaware that his
computer is
> % doing this.  He or she would probably doesn't even understand DNS and
will not
> % have a clue when you ask them to stop doing it.
> %
> % You are going to have to educate them.  Explain to them what is
happening.
> %     Their computer is trying to register itself in your DNS server.
> %     Let them know that it is not their fault.  It is the default
configuration
> % for Windows 2000.
> %
> % Explain to them that this action is completely futile.  Your DNS server
doesn't
> % need to know their machine name and IP address, and your DNS server will
not
> % accept this type of automatic input/update from their system.
> %
> % Then explain to them why you would like to change their system.  Tell
them that
> % although it might seem trivial to them, bandwidth is a valuable
commodity.  Also
> % explain to them that it makes it difficult for you to do your job as
them system
> % administrator.  Explain to them that for security purposes you must
continually
> % monitor your system logs, and your logs are becoming cluttered due to
their
> % computer's constant attempt to register itself.
> %
> % At this point, they should be ready and willing to help you.  Most
likely they
> % will even ask you, "What can I do to fix this?".  Now all you have to do
is
> % provide them DETAILED instructions on how to stop the automatic DNS
registration
> % from their system.  Be prepared for what seem like silly questions from
> % completely ignorant people.  Don't undertake this if you are in a bad
mood.  You
> % need to be in a good mood for this task.
> %
> % Tell them to:
> %
> %     1.  Close or minimize all open programs/applications.  Make sure
they are
> % looking at their desktop.
> %     2.  There should be an icon on their desktop labeled "My Network
Places".
> % RIGHT click on that icon and then left click on the word "properties".
> %             If the icon isn't on the desktop, you can get to it from the
control
> % panel.
> %     3.  A new window should appear.  The title bar should say, "Network
and
> % Dial-up Connections".  Assuming they only have one NIC, have them RIGHT
click on
> % the "Local Area Connection 1", and then left click on the word
"properties".
> %     4.  That should open a new window.  The title bar should say, "Local
Area
> % Connection 1 Properties".  Have them double click on the words "Internet
> % Protocol (TCP/IP)".
> %     5.  That should open a new window.  The title bar should say,
"Internet
> % Protocol (TCP/IP) Properties".  On the bottom right is a button that
says
> % "Advanced".  Have them single click that button.
> %     6.  That should open a new window.  The title bar should say,
"Advanced
> % TCP/IP Settings".  There should be four tabs at the top (directly
beneath the
> % title bar).  Have them click on the tab that says "DNS".
> %     7.  They are almost done!  At the bottom of this screen is a check
box that
> % is labeled "Register this connection's addresses in DNS".  By default,
there
> % will be a check in that box.  Have them single click the check box so
that the
> % check mark goes away.  I tried to attach a small jpg with a screen
capture of
> % the offending screen, but the news server wouldn't accept it.
> %     8.  Now tell them to click "OK" on that window.  They now have to
work their
> % backwards on all of the open windows.  Just tell them to keep clicking
"OK"
> % until all of the windows are gone.  I don't believe they will have to
reboot,
> % but it won't hurt anything if they do.  :-)
> %
> %
> % Good luck to you.  Try to be patient and be polite.  You will be amazed
at the
> % results.
> %
> %
> %
> % Sincerely,
> % Charles Quesenberry
> % Network Technician
> % Network Possibilities, Inc.
> %
> %
> %
> % dave wrote:
> %
> % > I've read many of the posts from others explaining how a WIN2K system
will
> % > ask bind for an update on their Linux server running named.
> % >
> % > In this case, I am getting requests for updates from a Win2K machine
where
> % > the "Admin" has set up the machine with the domain xxx.com. I own and
host
> % > xxx.com on my linux boxes as well as run the DNS for xxx.com. I keep
getting
> % > his requests for update messages and I want to make him go away. I
have told
> % > his DSL provider to fix his customer but they do nothing.
> % >
> % > I would like to do something that would make this person want to
reconfigure
> % > their Win2K machine.
> % >
> % > Below is the message I am receiving from named:
> % >
> % > Mar 24 08:47:23 doc named[2358]: denied update from
[64.204.236.4].52701 for
> % > "a domain on my system.com"
> % >
> % > --
> % > David C. Blinder
> % > dave at dobusiness.com
> % > VP Internet Division
> % > Executive Business Service, Inc.
> % > 5473 Kearny Villa Rd.
> % > Suite 210
> % > San Diego,CA 92123
> % >
> % > President
> % > Association of Internet Professionals
> % > San Diego Chapter
> % > dave at blinder.com
> % > dblinder at association.org
> % > http://sandiego.us.association.org
> %
> %
>
>
> --
> --bill

More information about the bind-users mailing list