dynamic dns errors in log?

Bill Manning bmanning at ISI.EDU
Sun Feb 25 08:21:26 UTC 2001


 Lets see, 10,000 machines, each attempting to update my server.
 Sounds like a zombie DDOS to me.
 and a pretty serious one at that.



% 
% 
% Unfortunately, "denied update" and "unapproved update" fall into the
% "security" category instead of the "update" category. So you can't really turn
% that down without blinding yourself to potentially serious attacks.
% 
% 
% - Kevin
% 
% Robert Weber wrote:
% 
% > I don't think you understood my question.  How do we turn off the messages
% > from bind?  I personally cannot modify the setup of the 10000+ w2k and macos
% > machines in my B class, and don't want to.  I just want to turn off the
% > annoying messages to syslog.
% >
% >                                                 Robert Weber
% >                                                 University of Colorado
% > --------
% >
% > > Robert Weber <robert.weber at Colorado.EDU> wrote:
% > >
% > > >I see this all the time.  Dynamic updates are off by default, and these
% > > >updates are probably from MAC OS9 machines trying to advertise their disk
% > > >shares with LOC records.  If they're not mac's then they are Windows2000
% > > >machines doing the same thing.  If you need this functionality, you can
% > > >setup a dynamic subdomain for W2K or OS9 or both.  A question for the group:
% > > >is there any way to turn these messages off?
% > >
% > > In Win2k, dynamic updates are turned ON by default.
% > > You can disable DDNS from a Win2k workstation; see the list
% > > archives at isc.org for details.  But there are cases where a Win2k
% > > Domain Controller MUST have DDNS (self-registration) enabled.
% > >
% > > <soapbox on>
% > > For all of those who are implementing (i.e., struggling with) Win2k
% > > please check the list archives.  There have been a lot of postings
% > > concerning DDNS and Win2k over the past 1.5 years.  I know that 99%
% > > of you who read this posting already know this.  But the 99% of the
% > > people who need this information will NEVER search the achives before
% > > posting.
% > > <soapbox off>
% > > ----------------------------------------------------------------------
% > > Barry S. Finkel
% > > Electronics and Computing Technologies Division
% > > Argonne National Laboratory          Phone:    +1 (630) 252-7277
% > > 9700 South Cass Avenue               Facsimile:+1 (630) 252-9689
% > > Building 221, Room B236              Internet: BSFinkel at anl.gov
% > > Argonne, IL   60439-4844             IBMMAIL:  I1004994
% > >
% >
% > --------
% >
% > ----------
% > Status: by weberr Fri Feb 23 11:08:30 2001
% > ----------
% 
% 
% 
% 
% 


-- 
--bill


More information about the bind-users mailing list