The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking Zone Updates From Annoying Client

Discussion in 'General Discussion' started by orty, Aug 31, 2006.

  1. orty

    orty Well-Known Member

    Joined:
    Jun 29, 2004
    Messages:
    110
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bend, Oregon
    cPanel Access Level:
    Root Administrator
    A while back, I setup a web site for a client on my cPanel server. Client has since installed a Windows 2003 small business server on their local network and set the network domain name to the same domain we were using on our Web site (wasn't my call), and I'm hosting the Web/E-mail DNS for the client on said cPanel server. So now, I'm getting a bunch of these kinds of logs in my nightly LogWatch report:

    Zone update refused:
    206.xxx.xxx.xxx (domain/IN): 353 Time(s)

    Is there anyway I can just block those from ever even bothering my server and showing up in my logs or do I have to tell the client to change their domain name (or does somebody know enough about Windows 2003 server to tell me how to turn off those zone updates w/out changing their domain name -- though I'd prefer a private domain like domain.prv or something)

    -Jake
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    The only way to block them would be to block access to port 53 from their IP address in iptables. The problem, as you've found, is that they're using their doamin name on their LAN and allowing the DNS requests to leake out onto the internet. Considering that they should never be using the domain on a LAN in the first place, they should filter out the DNS requests themselves on their local firewall or stop using the domain on the LAN.
     
  3. orty

    orty Well-Known Member

    Joined:
    Jun 29, 2004
    Messages:
    110
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bend, Oregon
    cPanel Access Level:
    Root Administrator
    If I remember correctly, I think I setup a Smoothwall firewall there back in the day for them, so I *think* I can login to it remotely and setup a rule to block the requests (have to dig up my login information, as I know I made the password like 26 characters or something like a good little geek ;).

    -jake
     
Loading...

Share This Page