Announcement

Collapse
No announcement yet.

Strange IP Address in DNS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Strange IP Address in DNS

    Hi all,

    I have a 2 W2k Server setup as primary and secondary domain controllers. Both run DNS and DHCP. About a week ago, a new IP address started showing up as a "Host" in my DNS Forward Lookup Zone and even though I have deleted it several times, it keeps coming back. I have my network set to hand out IPs of 192.168.xxx.xxx and this IP is 169.254.225.111. It does not belong. Has my network been compromised? Where could this be coming from?

  • #2
    Re: Strange IP Address in DNS

    Are there any unused NICs that are still enabled on one of the servers?

    \Rems

    This posting is provided "AS IS" with no warranties, and confers no rights.

    __________________

    ** Remember to give credit where credit's due **
    and leave Reputation Points for meaningful posts

    Comment


    • #3
      Re: Strange IP Address in DNS

      The only multihomed units are my servers and the second NIC is disabled. I shouldn't get anything from them.

      Comment


      • #4
        Re: Strange IP Address in DNS

        Originally posted by d_weller View Post
        and this IP is 169.254.225.111. It does not belong. Has my network been compromised? Where could this be coming from?
        Nope, this is an APIPA address.
        One of the servers has probably a unused nic what rems already said.
        More info about APIPA: http://msdn.microsoft.com/en-us/library/aa505918.aspx
        IP addresses assigned by Windows Server 2003 APIPA are within the range 169.254.0.1 through 169.254.255.254 inclusive, in accordance with specifications created by the Internet Assigned Numbers Authority (IANA). APIPA also sets the subnet mask on the network to 255.255.255.0.


        Also if you don't want to disable the nic, make sure you remove the option to register this connection into DNS somewhere in the advanced TCP/IP properties (I believe it's on the DNS part )
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Strange IP Address in DNS

          I know where that setting is. I will look to see if this clears it up.

          Comment

          Working...
          X