Security Incidents mailing list archives
RE: Win2k Machine contacting Root Server???
From: "Adrian Marsden" <amarsden () jvsdet org>
Date: Fri, 24 Mar 2006 04:49:18 -0500
I believe you will find there is a setting that tells a Win2k server to try TCP if UDP fails for DNS resolution. Maybe the UDP was failing and the box was doing as it was told. -----Original Message----- From: Alex [mailto:incidents () alex gotdns org] Sent: Fri 3/24/2006 1:53 AM To: incidents () securityfocus com Cc: Subject: Win2k Machine contacting Root Server??? Hi, I recently ran "netstat" on my personal laptop (running Win2k) and was shocked to see that it had been making TCP connections to the root servers (to their domain port). I know that some DNS queries are performed using TCP, but I find it somewhat disturbing that the root servers were involved. I did a little googling and found a few remarks that Win2k machines sometimes do this... But mine has the lastest updates.... So I'm a little concerned. Is this normal operation for a win2k machine, or could something more amiss be going on? Norton Antivirus and SpyBot Search & Destory didn't find anything wrong. Thanks -Alex (I realize this is probably a normal thing, but I still find it disturbing)
Current thread:
- Win2k Machine contacting Root Server??? Alex (Mar 24)
- Re: Win2k Machine contacting Root Server??? Jeff Rosowski (Mar 29)
- <Possible follow-ups>
- RE: Win2k Machine contacting Root Server??? Adrian Marsden (Mar 24)
- Re: Win2k Machine contacting Root Server??? Valdis . Kletnieks (Mar 24)
- RE: Win2k Machine contacting Root Server??? Alex (Mar 24)