RE: [cobalt-users] OT - Windows DNS Trying to Update My RaQ Zones - How to Disable?

["E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>]

CR> Date: Wed, 26 Mar 2003 14:30:09 -0700
CR> From: Curtis Ross


CR> It's because they are using your DNS servers. Ask them to

Close.  It's because they use a _domain name handled by Barbara's
DNS servers_.


CR> change them or to un-check 'Register this connection's
CR> addresses in DNS' on the DNS tab in Advanced settings on

Correct.

For added fun and pleasure, Win XP boxen have said checkbox
_checked_ by default... pity the owner of a domain like
"mydomain.com" that gets misused in thousands of boxen. :-(


CR> their workstations or servers. I guess you could also block
CR> them with ipchains? Someone with more knowledge in that area
CR> may want to comment.

Such heavy-handed measures cause ugly results.  DNS UPDATE
messages are sent just like QUERY messages... same protocol,
same port, same fate.  The difference is an opcode inside the
payload.

A firewall that inspects DNS packets and { discards UDP UPDATE +
resets TCP UPDATE } would work, but that's beyond ipchains.  Note
that FreeBSD's accept_filter(9) would be very useful for this
type of task.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.