Win2K picking away at my named

Bill Manning bmanning at ISI.EDU
Mon Mar 26 16:38:23 UTC 2001

 While this is a really fine description of the handholding needed to correct
a behaviour that some would consider "misbehaved" there is no way that I can
bill these support hours to Microsoft.  Bemoaning the fact that my logs run
about 1G/day with this tripe lead one enterprising suggestion that a VB virus
be constructed that, when opened, would make the modifications w/o user
intervention. Much less handholding.  Trouble is that it is morally/ethically
unsound. Its is also true that I have no desire to open the shrinkwrap on
VB and learn to craft such an abhorent thing.
Disk is cheap.

% Mr. Blinder,
% I would imagine that your best bet to "make him go away" would be to educate him
% or her.
% By default, when you install a nic and create a network connection, Microsoft
% (applying their "We rule the world" mentality) Windows 2000 configures the
% Operating System to automatically register the system's address in the DNS.  So,
% if this user is using Windows 2000 and he has your DNS server listed in his
% settings, the Operating System is trying to register his IP and machine name in
% your DNS server.  The user is probably completely unaware that his computer is
% doing this.  He or she would probably doesn't even understand DNS and will not
% have a clue when you ask them to stop doing it.
% You are going to have to educate them.  Explain to them what is happening.
%     Their computer is trying to register itself in your DNS server.
%     Let them know that it is not their fault.  It is the default configuration
% for Windows 2000.
% Explain to them that this action is completely futile.  Your DNS server doesn't
% need to know their machine name and IP address, and your DNS server will not
% accept this type of automatic input/update from their system.
% Then explain to them why you would like to change their system.  Tell them that
% although it might seem trivial to them, bandwidth is a valuable commodity.  Also
% explain to them that it makes it difficult for you to do your job as them system
% administrator.  Explain to them that for security purposes you must continually
% monitor your system logs, and your logs are becoming cluttered due to their
% computer's constant attempt to register itself.
% At this point, they should be ready and willing to help you.  Most likely they
% will even ask you, "What can I do to fix this?".  Now all you have to do is
% provide them DETAILED instructions on how to stop the automatic DNS registration
% from their system.  Be prepared for what seem like silly questions from
% completely ignorant people.  Don't undertake this if you are in a bad mood.  You
% need to be in a good mood for this task.
% Tell them to:
%     1.  Close or minimize all open programs/applications.  Make sure they are
% looking at their desktop.
%     2.  There should be an icon on their desktop labeled "My Network Places".
% RIGHT click on that icon and then left click on the word "properties".
%             If the icon isn't on the desktop, you can get to it from the control
% panel.
%     3.  A new window should appear.  The title bar should say, "Network and
% Dial-up Connections".  Assuming they only have one NIC, have them RIGHT click on
% the "Local Area Connection 1", and then left click on the word "properties".
%     4.  That should open a new window.  The title bar should say, "Local Area
% Connection 1 Properties".  Have them double click on the words "Internet
% Protocol (TCP/IP)".
%     5.  That should open a new window.  The title bar should say, "Internet
% Protocol (TCP/IP) Properties".  On the bottom right is a button that says
% "Advanced".  Have them single click that button.
%     6.  That should open a new window.  The title bar should say, "Advanced
% TCP/IP Settings".  There should be four tabs at the top (directly beneath the
% title bar).  Have them click on the tab that says "DNS".
%     7.  They are almost done!  At the bottom of this screen is a check box that
% is labeled "Register this connection's addresses in DNS".  By default, there
% will be a check in that box.  Have them single click the check box so that the
% check mark goes away.  I tried to attach a small jpg with a screen capture of
% the offending screen, but the news server wouldn't accept it.
%     8.  Now tell them to click "OK" on that window.  They now have to work their
% backwards on all of the open windows.  Just tell them to keep clicking "OK"
% until all of the windows are gone.  I don't believe they will have to reboot,
% but it won't hurt anything if they do.  :-)
% Good luck to you.  Try to be patient and be polite.  You will be amazed at the
% results.
% Sincerely,
% Charles Quesenberry
% Network Technician
% Network Possibilities, Inc.
% dave wrote:
% > I've read many of the posts from others explaining how a WIN2K system will
% > ask bind for an update on their Linux server running named.
% >
% > In this case, I am getting requests for updates from a Win2K machine where
% > the "Admin" has set up the machine with the domain I own and host
% > on my linux boxes as well as run the DNS for I keep getting
% > his requests for update messages and I want to make him go away. I have told
% > his DSL provider to fix his customer but they do nothing.
% >
% > I would like to do something that would make this person want to reconfigure
% > their Win2K machine.
% >
% > Below is the message I am receiving from named:
% >
% > Mar 24 08:47:23 doc named[2358]: denied update from [].52701 for
% > "a domain on my"
% >
% > --
% > David C. Blinder
% > dave at
% > VP Internet Division
% > Executive Business Service, Inc.
% > 5473 Kearny Villa Rd.
% > Suite 210
% > San Diego,CA 92123
% >
% > President
% > Association of Internet Professionals
% > San Diego Chapter
% > dave at
% > dblinder at
% >


More information about the bind-users mailing list