Win2K picking away at my named
bmanning at ISI.EDU
Mon Mar 26 16:38:23 UTC 2001
While this is a really fine description of the handholding needed to correct
a behaviour that some would consider "misbehaved" there is no way that I can
bill these support hours to Microsoft. Bemoaning the fact that my logs run
about 1G/day with this tripe lead one enterprising suggestion that a VB virus
be constructed that, when opened, would make the modifications w/o user
intervention. Much less handholding. Trouble is that it is morally/ethically
unsound. Its is also true that I have no desire to open the shrinkwrap on
VB and learn to craft such an abhorent thing.
Disk is cheap.
% Mr. Blinder,
% I would imagine that your best bet to "make him go away" would be to educate him
% or her.
% By default, when you install a nic and create a network connection, Microsoft
% (applying their "We rule the world" mentality) Windows 2000 configures the
% Operating System to automatically register the system's address in the DNS. So,
% if this user is using Windows 2000 and he has your DNS server listed in his
% settings, the Operating System is trying to register his IP and machine name in
% your DNS server. The user is probably completely unaware that his computer is
% doing this. He or she would probably doesn't even understand DNS and will not
% have a clue when you ask them to stop doing it.
% You are going to have to educate them. Explain to them what is happening.
% Their computer is trying to register itself in your DNS server.
% Let them know that it is not their fault. It is the default configuration
% for Windows 2000.
% Explain to them that this action is completely futile. Your DNS server doesn't
% need to know their machine name and IP address, and your DNS server will not
% accept this type of automatic input/update from their system.
% Then explain to them why you would like to change their system. Tell them that
% although it might seem trivial to them, bandwidth is a valuable commodity. Also
% explain to them that it makes it difficult for you to do your job as them system
% administrator. Explain to them that for security purposes you must continually
% monitor your system logs, and your logs are becoming cluttered due to their
% computer's constant attempt to register itself.
% At this point, they should be ready and willing to help you. Most likely they
% will even ask you, "What can I do to fix this?". Now all you have to do is
% provide them DETAILED instructions on how to stop the automatic DNS registration
% from their system. Be prepared for what seem like silly questions from
% completely ignorant people. Don't undertake this if you are in a bad mood. You
% need to be in a good mood for this task.
% Tell them to:
% 1. Close or minimize all open programs/applications. Make sure they are
% looking at their desktop.
% 2. There should be an icon on their desktop labeled "My Network Places".
% RIGHT click on that icon and then left click on the word "properties".
% If the icon isn't on the desktop, you can get to it from the control
% 3. A new window should appear. The title bar should say, "Network and
% Dial-up Connections". Assuming they only have one NIC, have them RIGHT click on
% the "Local Area Connection 1", and then left click on the word "properties".
% 4. That should open a new window. The title bar should say, "Local Area
% Connection 1 Properties". Have them double click on the words "Internet
% Protocol (TCP/IP)".
% 5. That should open a new window. The title bar should say, "Internet
% Protocol (TCP/IP) Properties". On the bottom right is a button that says
% "Advanced". Have them single click that button.
% 6. That should open a new window. The title bar should say, "Advanced
% TCP/IP Settings". There should be four tabs at the top (directly beneath the
% title bar). Have them click on the tab that says "DNS".
% 7. They are almost done! At the bottom of this screen is a check box that
% is labeled "Register this connection's addresses in DNS". By default, there
% will be a check in that box. Have them single click the check box so that the
% check mark goes away. I tried to attach a small jpg with a screen capture of
% the offending screen, but the news server wouldn't accept it.
% 8. Now tell them to click "OK" on that window. They now have to work their
% backwards on all of the open windows. Just tell them to keep clicking "OK"
% until all of the windows are gone. I don't believe they will have to reboot,
% but it won't hurt anything if they do. :-)
% Good luck to you. Try to be patient and be polite. You will be amazed at the
% Charles Quesenberry
% Network Technician
% Network Possibilities, Inc.
% dave wrote:
% > I've read many of the posts from others explaining how a WIN2K system will
% > ask bind for an update on their Linux server running named.
% > In this case, I am getting requests for updates from a Win2K machine where
% > the "Admin" has set up the machine with the domain xxx.com. I own and host
% > xxx.com on my linux boxes as well as run the DNS for xxx.com. I keep getting
% > his requests for update messages and I want to make him go away. I have told
% > his DSL provider to fix his customer but they do nothing.
% > I would like to do something that would make this person want to reconfigure
% > their Win2K machine.
% > Below is the message I am receiving from named:
% > Mar 24 08:47:23 doc named: denied update from [18.104.22.168].52701 for
% > "a domain on my system.com"
% > --
% > David C. Blinder
% > dave at dobusiness.com
% > VP Internet Division
% > Executive Business Service, Inc.
% > 5473 Kearny Villa Rd.
% > Suite 210
% > San Diego,CA 92123
% > President
% > Association of Internet Professionals
% > San Diego Chapter
% > dave at blinder.com
% > dblinder at association.org
% > http://sandiego.us.association.org
More information about the bind-users