[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dhcp-dns problem



> Craig Sanders wrote:
> 
> > On Fri, Sep 07, 2001 at 08:17:04AM -0700, Dean A. Roman wrote:
> > >   I'm a bit confused, and it is probably because I don't totally
> > >   understand how the dynamic dns updates work.
> >
> > if the rejected updates are coming from a W2K machine then it has
> > nothing to do with dhcp-dns. it's a fault with W2K.
> >
> > > 192.168.100.100 is the windows machine that checked out the IP address
> > > from the dhcp server(srfs1-192.168.100.20).
> > >
> > > Should update requests be coming from a dhcp client?
> >
> > nope.
> >
> > > How is the windows 2k dhcp client requesting a dns update?
> >
> > because microsoft thought it would be a good idea for clients to be able
> > to update the DNS on the server, and for that stupidity to be ON by
> > default.
> >
> > anyone but microsoft would have realised that it is insane from a
> > security perspective to let unauthenticated & unauthorised client
> > machines screw around with such a fundamental service.

I should have read the RFC before I replied ... Craig is of course
correct and I was wrong ... upadtes from the dhcp server should work
fine.  The fact that I've seen servers set up to accept updates from
windows machines is now merely an embarrasment to me.

Sorry,

-- 
Nathan Norman - Staff Engineer | A good plan today is better
Micromuse Ltd.                 | than a perfect plan tomorrow.
mailto:nnorman@micromuse.com   |   -- Patton

Attachment: pgpSBHgVZYYh2.pgp
Description: PGP signature


Reply to: