Blocking Zone Updates From Annoying Client

orty

Well-Known Member
Jun 29, 2004
110
0
166
Bend, Oregon
cPanel Access Level
Root Administrator
A while back, I setup a web site for a client on my cPanel server. Client has since installed a Windows 2003 small business server on their local network and set the network domain name to the same domain we were using on our Web site (wasn't my call), and I'm hosting the Web/E-mail DNS for the client on said cPanel server. So now, I'm getting a bunch of these kinds of logs in my nightly LogWatch report:

Zone update refused:
206.xxx.xxx.xxx (domain/IN): 353 Time(s)

Is there anyway I can just block those from ever even bothering my server and showing up in my logs or do I have to tell the client to change their domain name (or does somebody know enough about Windows 2003 server to tell me how to turn off those zone updates w/out changing their domain name -- though I'd prefer a private domain like domain.prv or something)

-Jake
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
The only way to block them would be to block access to port 53 from their IP address in iptables. The problem, as you've found, is that they're using their doamin name on their LAN and allowing the DNS requests to leake out onto the internet. Considering that they should never be using the domain on a LAN in the first place, they should filter out the DNS requests themselves on their local firewall or stop using the domain on the LAN.
 

orty

Well-Known Member
Jun 29, 2004
110
0
166
Bend, Oregon
cPanel Access Level
Root Administrator
chirpy said:
The only way to block them would be to block access to port 53 from their IP address in iptables. The problem, as you've found, is that they're using their doamin name on their LAN and allowing the DNS requests to leake out onto the internet. Considering that they should never be using the domain on a LAN in the first place, they should filter out the DNS requests themselves on their local firewall or stop using the domain on the LAN.
If I remember correctly, I think I setup a Smoothwall firewall there back in the day for them, so I *think* I can login to it remotely and setup a rule to block the requests (have to dig up my login information, as I know I made the password like 26 characters or something like a good little geek ;).

-jake
 
Thread starter Similar threads Forum Replies Date
E Installation & Updates 1
Similar threads
problem in zone file