Rogue DNS - What events are generated?
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.dns (More info?)
What events would be generated on a DNS server or within AD if another
rogue DNS device was introduced into the network?
Just trying to start querying for events to quickly address this should
it become an issue.
What events would be generated on a DNS server or within AD if another
rogue DNS device was introduced into the network?
Just trying to start querying for events to quickly address this should
it become an issue.
More about : rogue dns events generated
Archived from groups: microsoft.public.win2000.dns (More info?)
<rz4075@yahoo.com> wrote in message
news:1107989740.358254.243290@z14g2000cwz.googlegroups.com...
> What events would be generated on a DNS server or within AD if another
> rogue DNS device was introduced into the network?
None if DNS is properly configured.
It would be entirely irrelevant if that were the
only issue.
A DNS server is ONLY used if the clients are
set to use it, a DNS server forwards to it, or
a parent domain delegates to it.
Additional DNS servers don't really matter and
would probably not be called "rogue" (unlike
DHCP where rogue servers interfere.)
> Just trying to start querying for events to quickly address this should
> it become an issue.
If you are network monitoring just filter for DNS
request to ALL BUT your own DNS (official)
DNS servers.
Port 53 for both UDP and TCP.
--
Herb Martin
<rz4075@yahoo.com> wrote in message
news:1107989740.358254.243290@z14g2000cwz.googlegroups.com...
> What events would be generated on a DNS server or within AD if another
> rogue DNS device was introduced into the network?
None if DNS is properly configured.
It would be entirely irrelevant if that were the
only issue.
A DNS server is ONLY used if the clients are
set to use it, a DNS server forwards to it, or
a parent domain delegates to it.
Additional DNS servers don't really matter and
would probably not be called "rogue" (unlike
DHCP where rogue servers interfere.)
> Just trying to start querying for events to quickly address this should
> it become an issue.
If you are network monitoring just filter for DNS
request to ALL BUT your own DNS (official)
DNS servers.
Port 53 for both UDP and TCP.
--
Herb Martin
Related ressources:
- ForumEventLog: Source: DNS - ID:3000 - DNS_EVENT _START_LOG_SUPPR..
- ForumPhantom DNS server
- ForumDNS Warning Events flooding DSL Log on Server
- ForumDNS events 5504, 5506, 5507 and 7053
- ForumWhat has happened to my Graphics Card (GTX-670)
- ForumBacking up DNS information
- ForumDual home DNS w/ AD doesn't work after several hours
- ForumDHCP Relays and Scanning for Rogue Mac Addresses
- ForumWhat is dns changer virus
- Forumtrapped in rogue quest
- ForumDNS Issue
- ForumScripted approach to dungeon generation
- ForumDNS Client Event ; Event ID 1014
- ForumDNS excessive traffic root hints
- ForumDNS Issues Preventing ADPREP /Forestprep From Working
- ForumBasic Rogue questions
- Forum3.5e Rogue 's Gallery?
- ForumParallel and com ports not appearing in device manager
- ForumDNS not working
- ForumDNS excessive traffic root hints
- More resources
!
