Forums



Results 1 to 3 of 3

Thread: Blocking Zone Updates From Annoying Client

  1. 08-31-2006, 06:38 PM #1
    orty
    orty is offline
    Member orty's Avatar
    Join Date
    Jun 2004
    Location
    Bend, Oregon
    Posts
    105
    cPanel/WHM Access Level

    Root Administrator

    Default Blocking Zone Updates From Annoying Client

    A while back, I setup a web site for a client on my cPanel server. Client has since installed a Windows 2003 small business server on their local network and set the network domain name to the same domain we were using on our Web site (wasn't my call), and I'm hosting the Web/E-mail DNS for the client on said cPanel server. So now, I'm getting a bunch of these kinds of logs in my nightly LogWatch report:

    Zone update refused:
    206.xxx.xxx.xxx (domain/IN): 353 Time(s)

    Is there anyway I can just block those from ever even bothering my server and showing up in my logs or do I have to tell the client to change their domain name (or does somebody know enough about Windows 2003 server to tell me how to turn off those zone updates w/out changing their domain name -- though I'd prefer a private domain like domain.prv or something)

    -Jake
    Reply With Quote Reply With Quote
  2. 09-01-2006, 05:09 AM #2
    chirpy
    chirpy is offline
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,496

    Default

    The only way to block them would be to block access to port 53 from their IP address in iptables. The problem, as you've found, is that they're using their doamin name on their LAN and allowing the DNS requests to leake out onto the internet. Considering that they should never be using the domain on a LAN in the first place, they should filter out the DNS requests themselves on their local firewall or stop using the domain on the LAN.
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com
    Reply With Quote Reply With Quote
  3. 09-04-2006, 12:24 PM #3
    orty
    orty is offline
    Member orty's Avatar
    Join Date
    Jun 2004
    Location
    Bend, Oregon
    Posts
    105
    cPanel/WHM Access Level

    Root Administrator

    Default

    Quote Originally Posted by chirpy
    The only way to block them would be to block access to port 53 from their IP address in iptables. The problem, as you've found, is that they're using their doamin name on their LAN and allowing the DNS requests to leake out onto the internet. Considering that they should never be using the domain on a LAN in the first place, they should filter out the DNS requests themselves on their local firewall or stop using the domain on the LAN.
    If I remember correctly, I think I setup a Smoothwall firewall there back in the day for them, so I *think* I can login to it remotely and setup a rule to block the requests (have to dig up my login information, as I know I made the password like 26 characters or something like a good little geek .

    -jake
    Reply With Quote Reply With Quote
« valid emails rejected to all ".br" tld's? | Zend Optimizer for PHP 4.3.x cannot be found »

Similar Threads

  1. CSF Blocking a client constantly
    By AntraxZ in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 07-03-2011, 01:16 AM
  2. DNS Zone Updates
    By hostserve in forum cPanel & WHM Discussions
    Replies: 2
    Last Post: 10-06-2008, 03:46 PM
  3. Annoying
    By jaymc in forum New User Questions
    Replies: 1
    Last Post: 01-28-2005, 10:43 PM
  4. Error 404 while fetching url http://updates.cpanel.net//pub/sysup/6.2//.updates
    By bmcpanel in forum cPanel & WHM Discussions
    Replies: 7
    Last Post: 03-10-2004, 11:38 PM
  5. Blocking access to cpanel A client request
    By hostcp3 in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 01-10-2003, 03:56 PM