DNS records for web server get changed to invalid ip addresses

Posted on 2007-08-03
Last Modified: 2008-01-14
The DNS records on our web server (Windows 2003 Std) are somehow changing to point to invalid IP addresses.
Our webserver sits in the DMZ outside our firewall.  It connects back into our network through the firewall (Watchguard 1000) to get database information to feed the web sites.  The IP setup on the webserver points first to our internal DNS server for it's DNS records (10.x.x.x), then to a public DNS server.
Overnight the last few nights the DNS record for our internal servers is getting changed to point to some public IP address totally unrelated to our company.  I need to stop this from happening.
For instance:  our local network is 'comany.local' and our external is ''.  When I do a tracert using just the computer name (tracert servername) from the webserver to the database computer it connects to inside our firewall, it normally shows 'tracing route to' and resolves to the IP on our local network (10.x.x.x).  Lately though, we come in in the morning and find the connection from the webserver into the db server is not working.  A 'tracert servername' results in 'tracing route to' and some public IP address (69.46.x.x) that it starts searching for on the Internet.  That ip address resolves to some company I never heard of.  Running ipconfig /flushdns and ipconfig /registerdns fixes the issue and the tracert once again resolves to our internal network ip address.
Where and why is the web server picking up the invalid ip address?  How do I stop this from happening?
Question by:si-support

    Expert Comment

    Hi, I'm not sure why that is happening, but one solution would be to use the HOSTS file on the web server instead of DNS to make sure the web server always resolves the name of the database server to the correct address.  The file is usually located in: c:\WINDOWS\system32\drivers\etc.

    LVL 2

    Expert Comment

     It looks like your internal DNS is having problem. Check the IP address associated with the A record. If it's wrong, update with the correct IP.


    Accepted Solution

    Neither of these did the trick.  We ended up scheduling a task to periodically run the ipconfig commands and that has taken care of the problem.
    LVL 1

    Expert Comment

    Closed, 500 points refunded.
    Community Support Moderator

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
    Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now