Security Incidents mailing list archives
Re: repeated attempts of unapproved updates
From: Jim Halfpenny <j.halfpenny () ICR AC UK>
Date: Wed, 31 Jan 2001 09:22:54 +0000
We saw some of those at our site which turned out to be Macintoshes that try to update their DNS entries but that was only on our own DNS servers. Most of those addresses are aol dialup IPs, so there's a good chance is is down to the increased number of Win2k/ME boxes out there. Cheers, Jim Halfpenny Wendell Craig Baker wrote:
Does anyone have any thoughts on a pattern of unapproved updates to DNS? I'm constantly getting a stream of between five and fifty unapproved updates to my DNS servers. Does anyone know anything about this? I had a responsible individual at Veritas once tell me that this was a mis-configured Windows 2000 network (dhcp). He didn't elaborate but it stopped (from their sites).
-- Jim Halfpenny - ICR Unix Team Email: j.halfpenny () icr ac uk For general Unix enquiries please contact unix () icr ac uk
Current thread:
- repeated attempts of unapproved updates Wendell Craig Baker (Jan 30)
- Re: repeated attempts of unapproved updates Mike Lewinski (Jan 30)
- Re: repeated attempts of unapproved updates Jim Halfpenny (Jan 31)