Getting "unapproved update from" slave servers

Jim Reid jim at mpn.cp.philips.com
Wed Aug 25 10:08:04 UTC 1999


>>>>> "Guy" == Guy Lancaster <glanca at gesn.com> writes:

    Guy>   I'm fairly new to setting up DNS servers.  I'm running Bind
    Guy> 8.2.6 on Redhat 6.0 on 3 machines.  Everything seemed fine
    Guy> for a few days and then today in the master server's log
    Guy> messages I'm getting "unapproved update from" the slave name
    Guy> servers on several zones.

    Guy>   I should only be getting requests for serial numbers and
    Guy> zone transfers from the slaves.  What's happening?

You've probably got some NT5-betas (W2K) boxes in your net and they're
trying to use Dynamic DNS to register themselves. Hunt these systems
down and get them to stop doing this. If that's not the case, somebody
is trying to compromise the integrity of your name servers by
attempting to change the contents of your domain(s). They're sending
Dynamic DNS update requests which your name server is rightly refusing
to accept.


More information about the bind-users mailing list