Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

how-to stop w2k server dns initiating dialup

Posted on 2003-11-18
16
Medium Priority
?
503 Views
Last Modified: 2010-04-11
Hi there,

I have a Win2k server box serving a few clients.  It's set up to dial up (56k) whenever a clients requests a connection to the Internet.

Unfortunately, the server is constantly trying to connect to the internet on port 53, initiating a dial-up connection every 2-3 seconds or so to 192.16.202.11 (ns.eu.net) - a DNS nameserver (I think).

How do I set it so that this doesn't initiate a connection, or make sure that it does so only when there is a connection already available?

Also, if anyone could explain why this is happening, that would be helpful too!

Thanks!
0
Comment
Question by:scuzzie
  • 4
  • 3
  • 3
  • +3
16 Comments
 
LVL 16

Expert Comment

by:The--Captain
ID: 9774597
Port 53 is commonly associated with DNS requests.  Your server is lilely running some software (windows update service, antivirus software, web accelerators, etc) that periodically generates DNS requests.  

One solution, IMO, is to figure out which services are generating this traffic and then stop running them (or only run them when you are already online).  Another might be (and I leave this to the Windoze gurus around here) to define which traffic can initiate the connection to the internet, and limit the definition to your LAN clients exclusively.  Another solution might be to use different routing/NAT software...

BTW, which routing/NAT software are you using (if any)?  Not microsoft's, I hope...

Cheers,
-Jon
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 9774771
see if this utility fits your needs
http://www.twiga.ltd.uk/
click on downloads
0
 
LVL 1

Author Comment

by:scuzzie
ID: 9774818
I'm using WinRoute

The connection seems to be being initiated from the server, and no additional software is installed apart from WinRoute.  How do I find out what software is causing the DNS request?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 41

Expert Comment

by:stevenlewis
ID: 9774885
try zone alarm
free
www.zonelabs.com
it will tell what is trying to access the internet
0
 
LVL 1

Author Comment

by:scuzzie
ID: 9774924
I'm already using WinRoute as my proxy, I'd rather not install ZoneAlarm as well - are there any programs that _just_ tell you which programs are accessing the internet?
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 1200 total points
ID: 9774983
netstat
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 9775045
WinProxy is an internet sharing app, Zonealarm is a firewall
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 9776681
stevenlewis has the right idea - using a personal firewall will probably be the easiest way to tell what's generating this traffic.

Cheers,
-Jon
0
 
LVL 9

Expert Comment

by:drev001
ID: 9782407
Sounds like a virus or spyware to me. Do a full virus scan and use Adaware to remove spyware. The IP address you mentioned; 192.16.202.11 is on a reserved private address space which is why I think it sounds a bit iffy.
0
 
LVL 9

Expert Comment

by:drev001
ID: 9782431
Alternatively you could add a fake entry in your hosts file for ns.eu.net
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 9783548
>The IP address you mentioned; 192.16.202.11 is on a reserved private address space which is why I think it sounds a bit iffy

Looks like a major dutch university disagrees with you, as does the American Registry for Internet Numbers.  Maybe you should check with them next time like I did before appearing silly.

whois 192.16.202.11@whois.arin.net
[whois.arin.net]

OrgName:    Center for Mathematics and Computer Science
OrgID:      CMCS-1
Address:    Kruislaan 413
Address:     NL-1098 SJ Amsterdam
City:
StateProv:
PostalCode:
Country:    NL

NetRange:   192.16.202.0 - 192.16.202.255
CIDR:       192.16.202.0/24
NetName:    CWI-EUNET
NetHandle:  NET-192-16-202-0-1
Parent:     NET-192-0-0-0-0
NetType:    Direct Assignment
NameServer: NS.EU.NET
NameServer: NS.UU.NET
NameServer: SUNIC.SUNET.SE
Comment:
RegDate:    1986-11-07
Updated:    2000-11-10

TechHandle: EU-NIC-ARIN
TechName:   KPNQwest N.V.
TechPhone:  +31 70 379 3990
TechEmail:  noc@kpnqwest.net

# ARIN WHOIS database, last updated 2003-11-18 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

Cheers,
-Jon
0
 
LVL 1

Expert Comment

by:techi03
ID: 9783610
w2k clients  automatically try to  register  them  selves with  a  dns  server,  thats why they are  dialing  out.
to stop this
for a  domain setup a  local  dns  and have it  forward  to your ISP's  DNS.
for a workgroup try to  disable this feature  on the  clitnes.
www.pctechnicians.ca
networking  tips
tip  number  51
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9783629
clients
clients
when is ee going to implement the spel chekker?
0
 
LVL 1

Expert Comment

by:techi03
ID: 9784068

Oops !!!.......  :O
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 9784758
>when is ee going to implement the spel chekker

Lol!  Are you volunteering?  

Cheers,
-Jon

0
 
LVL 9

Expert Comment

by:drev001
ID: 9790605
Aye Aye, Cap'n. I did check, only force of habit I typed 192.168.202.11

This said, I stand by my comments.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question