At 03:10 PM 1/22/2002, you wrote:
Well, my logs are steadily filling up with other Win2k machines now, I haven't installed Portsentry or IP chains yet, nor have I schooled myself in their use. Will these programs allow me to block their requests entirely, so they never make it to the logs? Any suggestions? Also, anyone know how to disable querries to a cobalt raq3 dns server? Pardon my extreme ignorance... -Brad _________
Ok, here we go and I bet you will get some answers now.If you want to stop people querying dns, unplug your network cable. No more log entries.
I have dns on my Raq turned off. I am not serving my own dns. I still get queries and log entries.
Now hopefully someone will be able to tell us how to block queries. I think there is a different query that is filling up the log. I do not see outside queries to my logs, but I do see entries from the internal network. The W2K and NT4 machines are basically hitting with a port 137 entry for all but one which is hitting 138. Thus netbios. I have a Compaq Win98 machine that is hitting port 2301 which is some Compaq thing. I see these in the kernel log. Where are you seeing the dns log entries?