Something is trying to update one of my domains...
Michelle Konzack
linux4michelle at gmail.com
Sun Dec 24 12:55:38 UTC 2017
Hello Grant,
On 2017-12-23 23:32:16 Grant Taylor via bind-users hacked into the keyboard:
> On 12/23/2017 11:07 PM, Michelle Konzack wrote:
> >I have just discovered several entries of
> >
> >Dec 24 06:26:49 dns1 named[16591]: update-security: error: client
> >+37.157.109.77#2936: update 'tdnet.eu/IN' denied
> >
> >Which is realy bizzar, because this is the 4G/LTE IP of my
> >ThinkPad T400 with Windows 7 Home Edition installed...
>
> Does Windows think it's FQDN is <NetBIOS name>.tdnet.eu?
I do not know.
The last three Windows versions I was using where NT 3.51, NT 4.0 and
WfW 3.11. I have absolutely no clue how Windows today is working.
The only thing is that Windows has cost me thos month 40€ of GSM traffic
which I was not aware of it. Windows downloaded without any intervention
12 GByte. and also it does not accept the providd Registration Key (My
ThinkPad T400 is a refurbished one and has an OEM version of Windows 7
for refurbished Computers which is written on the M$ sticker).
> >Can someone give me a hint what is trying to update my
> ><tdnet.eu> and only this one?
>
> It sounds like it's trying to do a Dynamic DNS update to the MNAME
> server listed in the SOA record, namely dns1.tamay-dogan.net.
Aha, the question is: How has Windows 7 choosen tdnet.eu?
OK, the Compaq CQ58 (Debian GNU/Linux) has a local DNS which know,
the IP Address <192.168.0.202> (my Lenovo ThinkPad T400) has the name
<t400.hosts.tdnet.eu> while the broken Compaq CQ58 has <192.168.0.201>
and <cq58.hosts.tdnet.eu>. <192.168.0.1> it the ZyXel LTE3311.
So, if Windows 7 know about too, it sucks, if it want to to update an
already given DN.
> >In the logfiles I do not find more infos.
>
> Run a packet sniffer on your ThinkPad and see what it's trying to
> do. If it is what I think it is, you can probably cause it to
> attempt to happen by restarting the NetLogon and / or Workstation
> service.
>
> Note: This is one of the reasons to use a sub-domain for office
> networks, particularly with Windows machines.
Exact. Once my Farm-House (I have a Bio Farm in Estonia) is complete,
the local Network get the subdomain <mma.tdnet.eu> where I also have an
24/7 running intranet server with bind9
I know this problems since MANY years.
Thanks for your Help
and Mery X-Mas
--
Michelle Konzack Miila ITSystems @ TDnet
GNU/Linux Developer 00372-54541400
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171224/4139a54a/attachment.bin>
More information about the bind-users
mailing list