
DNS Changes don't stick


rjs

Windows 2000 server. It is a member server, no Active directory. It is a public DNS server using standard primary DNS. Been installed and working for at least 2 years.

In the past few weeks, host and other records will change or revert to really old entries for no apparent reason. This happens randomly, meaning a random domain (out of about 100) will have a change. No one else has access to the server, except for Web related FTP accounts.

No other problems are occurring on the server.

Anyone with ANY ideas would be appreciated.
 
No it is the primary. I have another box that is the secondary.
 
Are you allowing Dynamic Updates? What about zone transfers, how are they set up? Are you allowing recursive queries from the internet?
 
I don't see anywhere that has a dynamic updates setting. I think this is only for Active Directory which is not installed on this server.

It does allow zone transfers (no restrictions), but I believe this only applies to it sending transfers to other servers, not getting transfers. Am I mistaken?

I found an option to "Disable Recursion" and it is NOT checked. I assume this means it allows recursion.
 
Dynamic Updates can be found on the properties of your Forward Lookup Zones.
What I'm trying to do is rule out the possibility that someone is attacking you via DNS Spoofing. You should restrict zone transfers to servers that are acting as secondaries as a precaution. Unfortunately, if you're acting as a nameserver for internet hosts, disabling recursion would probably be a bad idea, although it would be a big deterrent to spoofing.

Anyway, when these changes occur, do you recognize the IPs as valid for some other resource you're authoritative for, or are they totally unknown?
 
The changes are always either old names and numbers from that zone or occasionally from another zone that is also on this server. That is why I don't think it is a "hack".

In looking through the config, there is an option to load zone data on startup from:
AD and Reg
From file
From Reg
It is set to AD and Reg (probably the default) even though it is not running AD. Do you know where in the registry it is storing the zones? Maybe that is corrupt.

BTW, thanks for helping on this.
 
I would change that to "From File", name it as you choose, and work with that. It will store the file(s), by default in C:\%Systemroot%\system32\dns. I find it's much easier to manage this way.
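
Once zones are loaded from file as suggested above, snapshots of a zone file can be compared to catch records that revert. The script below is an added example, not part of the thread: the zone contents are constructed, it assumes one record per line, and it assumes (a heuristic, not a Windows DNS guarantee) that a legitimate edit raises the SOA serial.

```python
"""Diff two zone-file snapshots and flag record drift (added example)."""
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR", "SRV"}

def parse_zone(text):
    """Return (serial, set of (owner, type, rdata)); one record per line."""
    serial, records, owner = None, set(), "@"
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]              # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue                             # blank line or $ORIGIN/$TTL
        fields = line.split()
        if not line[0].isspace():                # leading blank = same owner
            owner = fields.pop(0).lower()
        while fields and fields[0].upper() not in TYPES:
            fields.pop(0)                        # skip optional TTL and class
        if not fields:
            continue
        rtype, rdata = fields[0].upper(), " ".join(fields[1:])
        if rtype == "SOA":
            serial = int(fields[3])              # SOA mname rname serial ...
        else:
            records.add((owner, rtype, rdata))
    return serial, records

def drift(old_text, new_text):
    """Compare snapshots; flag changes not matched by a higher SOA serial."""
    old_serial, old = parse_zone(old_text)
    new_serial, new = parse_zone(new_text)
    return {
        "removed": sorted(old - new),
        "added": sorted(new - old),
        "serial": (old_serial, new_serial),
        # Assumption: changed data with a flat or lower serial needs a look.
        "suspicious": old != new and (new_serial or 0) <= (old_serial or 0),
    }

# Constructed snapshots of a hypothetical zone (not data from the thread).
BEFORE = """\
@    IN SOA ns1.example.com. hostmaster.example.com. 2004051701 3600 600 86400 3600
www  IN A   192.0.2.10
mail IN A   192.0.2.20
"""
AFTER = """\
@    IN SOA ns1.example.com. hostmaster.example.com. 2004010101 3600 600 86400 3600
www  IN A   192.0.2.99   ; an old address has come back
mail IN A   192.0.2.20
"""

print(drift(BEFORE, AFTER))
```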
 