Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Large number of broadcasts internal network with Bind DNS and WINS

Posted on 2006-05-08
6
Medium Priority
?
319 Views
Last Modified: 2010-03-19
I hope your day is going well.  It seems that I have several requests that are hitting the firewall for broadcast and for DNS entries outbound.  Any thoughts on how to stop this from happening?  Thanks for all your help.

Thanks.
Tim.
0
Comment
Question by:taggedd
  • 2
  • 2
4 Comments
 
LVL 26

Expert Comment

by:Leon Fester
ID: 16637235
Ensure that your local machines are set to use your Internal DNS server. Only your Internet gateway/default gateway should be configured with external DNS entries.

Besides, any broadcast traffic will hit ALL networked interfaces on your LAN. You cannot stop a broadcast from accessing a specific device unless you've wired your hubs/switches correctly to segment your network. But if you've got a smallish network then segmenting is more of a headache than anything else.
0
 

Author Comment

by:taggedd
ID: 16649536
Thanks for the reply.  Would there be any reason for all the broadcasts when everything is setup to use the internal DNS and Wins?  Shouldn't they query those servers first?  Thanks.

Thanks.
Tim.
0
 
LVL 26

Accepted Solution

by:
Leon Fester earned 2000 total points
ID: 16649574
There could be a number of reasons for the broadcasts. Yes. DNS and WINS should be used for name resolution within your domain, but I've also noticed that some spyware applications are sending out broadcast requests on the network. Have a look at your firewall logs and then start monitoring the machines that are initiating the broadcasts.

You're gonna have to collect some data and analyse it, sadly there's no quick fix to these kinds of problems.

Possible consider running a sniffer program like Ethereal on your network and see if that gives you anymore information than what you've got on your firewall.
0
 

Author Comment

by:taggedd
ID: 16810335
Thanks for the reply.  Any idea what a good/inexpensive anti-spyware solution would be?  I thought about Spybot.

Thanks.
Tim.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question