Bind errors

Gary Nichols gary@linuxchimp.com
Thu, 11 Jan 2001 11:23:28 -0700


I'll bet you a 6" stuffed Tux penguin that it was indeed those Win2k boxen.
(I had this exact same scenario happen to me when I was beta-testing Win2k
Pro a year or so ago.)

 ============================================
 Gary Nichols              gary@neoplanet.com
 Network Operations Mgr        NeoPlanet,Inc.
 RHCE #806200886701949      www.neoplanet.com
 --------------------------------------------


-----Original Message-----
From: plug-discuss-admin@lists.PLUG.phoenix.az.us
[mailto:plug-discuss-admin@lists.PLUG.phoenix.az.us]On Behalf Of Mike
Starke
Sent: Thursday, January 11, 2001 10:51 AM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: Re: Bind errors


OK, here is what I have done. I have blocked access to the nameserver
from my fw outside int. Therefore, anything coming from the outside
ip of my fw is not allowed to access the nameserver(s). Transfers
have already been restricted to just the master/slaves.

I believe the last guy might have been on to something: My
assistant rolled out a couple of Win2K boxes. There was a check
box that states "Register this connection's address in DNS".

Without tailing some logs at the moment, it sounds like
this might be my culprit.  Does anyone agree?

Mike
mgcon@getnet.com
http://www.getnet.com/~mgcon
Phoenix, AZ
USA

On Thu, 11 Jan 2001, Eden Li wrote:

> Actually, unless NAT is configured to do so, the source IP address should
> stay the same, so any outside IPs should be logged as trying to do zone
> transfers.  Besides, zone transfers should only occur between primary and
> secondary DNS servers; it should not be a recurring thing as Mike is
> experiencing.
>
> From: "Furmanek, Greg" <Grzegorz.Furmanek@asu.edu>
> | I guess that sounds like an option.
> |
> | If you are NATing the connection in your firewall, the
> | bind box will see only the firewall IP; therefore
> | it will think it is doing a zone transfer.
>
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
> post to the list quickly and you use Netscape to write mail.
>
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>

