Solved

Strange DNS

Posted on 2006-06-28
14
321 Views
Last Modified: 2010-03-18
OK this is a strange one. I recently changed internet providers for our company. Everything went well and things checkout fine with DNSSTUFF.

The problem I am having is whenever someone internal tries to go to a bad address or mistyped address it defaults to our website. This wouldn’t be a big deal but I’m getting complaints, and I would rather have the unavailable error screen come up. So it seems that my DNS has decided that if it can’t find something then they must be looking for the website address.

I made no changes that should be causing this; all I did is change providers.
0
Comment
Question by:captony
  • 6
  • 6
14 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 17002859
So a mistyped URL results in your web page instead of the Microsoft standard error message "This page cannot be displayed".  


Sounds like someone has modified the DNSError webpage that is displayed for this type of error.  

If you START-RUN and type in  "res://shdoclc.dll.dnserror.htm"   DO you get the "this page cannot be displayed"  or do you get your company's homepage?  

If you get the homepage, then the DLL has been edited somehow, probably with a redirect or forward?    

If you get the standard page not displayed error, then this is not the cause of your issue.  

Try that and come back with the results....


0
 

Author Comment

by:captony
ID: 17003138
Ya if I run "res://shdoclc.dll.dnserror.htm" I get the "The page cannot be displayed" but if I type in http://hjkhjk/ it goes to our website LOL

I can't for the life of me figure out how I pulled that off.. This happens on all systems inside my network.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 17003271
If you run an nslookup and search for lkjdsahflkjh.ddd    Do you get an answer from the server, if so, what is the response.   Is it the IP for your website?  

Could it be cache related?    Clear out all the cache in your DNS server?  Both DNS' if you have more than 1 dns server.    Any change with that?  

I'm curious as to the nslookup results...
 

0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 

Author Comment

by:captony
ID: 17003462
yup I get a non-autoritative from my dns server with the address of my webserver
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 17003769
Is your server Microsoft DNS or a version of BIND?  

0
 

Author Comment

by:captony
ID: 17004240
It's MS DNS running on windows 2000 server. I'm starting to think this might be my new service provider. Is there somthing they could have set that would make lost pages default to my website?
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 17004410
Very odd.  Since the nslookup should have returned a ** Non-existant domain **  message instead.  

A few more tests:
1) Do you have a Forwarder setup in your MS DNS setup?   If so are these your new ISP's DNS servers?    Curious to see what happens if you try another ISP's DNS  (i.e. ATT DNS Servers 12.127.16.67 and 12.127.17.71)  

2) If your machine is setup as a DNS server for your Domain name?  Or do you rely on an ISP for your website's hostname resolution?  

3) If you try a NSLOOKUP and use 'SERVER 12.127.16.67' (this ip is ATT, you should use your ISP's DNS servers here also).   This sets the server to the ISPs DNS , not yours.   Try a lookup for slkjdfsls.aaa and see if you get your website or the Non existant domain message.    

0
 

Author Comment

by:captony
ID: 17011675
Yes, I had forwarders setup but turned them of while having this issue.

Our PDC is the DNS server for our Domain.

When I do an nslookup using the other server I still get our website for sdfsdfsfd.aaa, which I find very odd....
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 17012308
Did I understand you right - nslookup, changed server to att's DNS, used garbage for a hostname and ATT returned the Non-autoritative answer of your website's IP??  

0
 

Author Comment

by:captony
ID: 17012789
You got it. Don't ask me how...
0
 

Author Comment

by:captony
ID: 17012867
One thing I find odd is that anytime I do a lookup it tags our domain on the end. for example lets say I'm google.com and I do a lookup for sadsdf.aaa, what I get is

name: sadsdf.aaa.google.com
address: the address of our webserver

So something is putting our domain name on the end of the searches, is that supposed to be happening?
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 250 total points
ID: 17013347
Ahhh....   in XP you can append a DNS suffix to any dns query.  

You can configure the DNS suffix search order on a Windows system by following these steps:

   1. Access the properties of the network interface you wish to configure.
   2. Double-click on "Internet Protocol (TCP/IP)."
   3. In the Internet Protocol (TCP/IP) Properties dialog box, click the Advanced button.
   4. Click the DNS tab in the Advanced TCP/IP Settings dialog box.
   5. Click the "Append these DNS suffixes (in order)" radio button.
   6. Now click the Add button to add DNS suffixes to the connection.
   7. In the TCP/IP Domain Suffix dialog box, enter the name of the first domain name to append to any DNS search (Example: mcpmag.com).
   8. Repeat steps 6-7 for each additional domain.
   9. When finished, click OK to close the Advanced TCP/IP Settings dialog box.
  10. Click OK to close the Internet Protocol (TCP/IP) Properties dialog box.
  11. Click OK to close the network connection's Properties dialog box


Then use nslookup on a DNS client and query a name of a non existant server. Then you can open the %systemroot%\system32\dns\dns.log file on the DNS server to see the query results and check if the dns suffix is being appended to the search.    

0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question