Archived from groups: microsoft.public.win2000.dns (More info?)
<firstname.lastname@example.org> wrote in message
> What events would be generated on a DNS server or within AD if another
> rogue DNS device was introduced into the network?
None if DNS is properly configured.
It would be entirely irrelevant if that were the
A DNS server is ONLY used if the clients are
set to use it, a DNS server forwards to it, or
a parent domain delegates to it.
Additional DNS servers don't really matter and
would probably not be called "rogue" (unlike
DHCP where rogue servers interfere.)
> Just trying to start querying for events to quickly address this should
> it become an issue.
If you are network monitoring just filter for DNS
request to ALL BUT your own DNS (official)