Somebody has registered our internal domain name externally


  • Somebody has registered our internal domain name externally

    Hey

    Somebody has registered our internal company domain name. We have no interest in using this domain externally to the company, hence why we have never purchased it.


    This however causes an issue when domain PCs are not on the network. For example if I'm sat at home with my laptop (on the internet but not connected via VPN) and I try to ping a server on our network it will resolve to the newly set up DNS record for the domain name, instead of returning an error.

    In fact I could ping anything, e.g. "ping anything" and the response would come from anything.myinternal-network.com and it will resolve to the IP of the external site.

    Once my laptop is connected to the domain either in the office or over VPN and my PC can see our internal DNS servers and I try to "ping anything" I get a destination host not found response as expected.

    Assuming that we cannot purchase this domain name, is there a workaround I can put in place to redirect DNS errors for "myinternal-network" before they resolve against this external IP? Can GPOs provide any solution?

    Hope that makes sense! Any help would be appreciated.

  • #2
    Re: Somebody has registered our internal domain name externally

    I think your only course of action is going to be renaming your internal domain. I would suggest something like "internaldomain.local" or "internaldomain.internal". This is not something you should undertake lightly and you should do thorough research and reading beforehand. You should also wait to see if anyone posts anything else that might help.



    • #3
      Re: Somebody has registered our internal domain name externally

      Originally posted by boing_led:
      For example if I'm sat at home with my laptop (on the internet but not connected via VPN) and I try to ping a server on our network it will resolve to the newly set up DNS record for the domain name, instead of returning an error.
      Not sure why you would ever want to ping an internal server from outside, but seeing that it bugs you enough to post here, you can add a host file that maps your domain to the internal host that it should represent in your LAN. Then when you ping it from the outside it will resolve to an internal IP and error out. It seems a little silly but that's all I could think of.

      For more info on Hosts files see here

      This will wreak havoc on the whole internal DNS thing if you add dynamic IPs to your hosts file.
      "...if I turn out to be particularly clear, you've probably misunderstood what I've said" - Alan Greenspan



      • #4
        Re: Somebody has registered our internal domain name externally

        Just use host files instead of letting your computer resolve the names.
        It's easier to beg forgiveness than ask permission.
        Give karma where karma is due...



        • #5
          Re: Somebody has registered our internal domain name externally

          The short term solution would indeed be tweaking the hosts files, but this cannot be manageable in the long term.

          The real solution would be one of the 2 options:
          1) Rename the forest
          2) Try to buy the domain name

          The moral of this story though is that despite the fact that the forest name is used "only internally", you should not use names that can turn out to be used by someone from outside the organization.
          Guy Teverovsky
          "Smith & Wesson - the original point and click interface"



          • #6
            Re: Somebody has registered our internal domain name externally

            Thanks for that guys, not sure if you've understood the problem though.

            I thought I'd post a reply to say how we got around it just in case anybody else gets the same issue (which is highly likely as companies such as metapredict are buying up a high number of domain names that reference company names each day).

            We resolved this issue by creating a new domain group policy with IPSec Policy to block all IP attempts to the internet IP; this worked whilst PCs were off of the domain. We also reissued our VPN client with a script to flush the DNS before connecting - this ensured that VPN clients could connect without fail.

            This worked perfectly in the short term. Since then we've been able to buy the domain as metapredict dropped it (presumably because it didn't get enough hits within the 5 or 7 days that they can get a refund). So now it's all good.

            Thanks again for the help.
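
An added example, not part of the thread: a check a roaming laptop could run to detect the collision described in the first post, where any name under the internal domain resolves to an external address while off the VPN. The RFC 1918 ranges, the host name `fileserver`, the sample IPs and the two stub resolvers are constructed assumptions.

```python
import ipaddress
import secrets
import socket

# Assumption: the organisation's internal ranges (RFC 1918 here); adjust to your network.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def system_resolver(name):
    """Resolve via the OS resolver; return IP strings, or [] when the name does not exist."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []

def is_external(ip):
    """True when the address lies outside every internal range."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)

def check_collision(domain, known_hosts, resolve=system_resolver, probes=3):
    """Classify how the internal namespace resolves from the current network."""
    # Random labels exist in no zone, so any answer for them means a wildcard record.
    wildcard = set()
    for _ in range(probes):
        wildcard.update(resolve(f"{secrets.token_hex(8)}.{domain}"))
    leaks = {}
    for host in known_hosts:
        fqdn = f"{host}.{domain}"
        external = [ip for ip in resolve(fqdn) if is_external(ip)]
        if external:
            leaks[fqdn] = external  # an internal server name answered with an outside address
    if any(is_external(ip) for ip in wildcard):
        verdict = "external-wildcard"
    elif leaks:
        verdict = "external-records"
    else:
        verdict = "clean"
    return {"verdict": verdict, "wildcard_ips": sorted(wildcard), "leaks": leaks}

# Constructed resolvers standing in for the two situations in the thread.
def off_vpn(name):  # public DNS: the registrant's record answers every name
    return ["203.0.113.10"] if name.endswith(".myinternal-network.com") else []

def on_vpn(name):  # internal DNS: only real hosts exist
    return {"fileserver.myinternal-network.com": ["10.0.0.5"]}.get(name, [])

if __name__ == "__main__":
    for label, resolver in (("off VPN", off_vpn), ("on VPN", on_vpn)):
        print(label, check_collision("myinternal-network.com", ["fileserver"], resolver))
```

Called without a `resolve` argument, the check uses the operating system's resolver, so the verdict reflects whatever DNS the laptop is currently using.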
