Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 267
  • Last Modified:

DNS records for web server get changed to invalid ip addresses

The DNS records on our web server (Windows 2003 Std) are somehow changing to point to invalid IP addresses.
Our webserver sits in the DMZ outside our firewall.  It connects back into our network through the firewall (Watchguard 1000) to get database information to feed the web sites.  The IP setup on the webserver points first to our internal DNS server for it's DNS records (10.x.x.x), then to a public DNS server.
Overnight the last few nights the DNS record for our internal servers is getting changed to point to some public IP address totally unrelated to our company.  I need to stop this from happening.
For instance:  our local network is 'comany.local' and our external is 'company.com'.  When I do a tracert using just the computer name (tracert servername) from the webserver to the database computer it connects to inside our firewall, it normally shows 'tracing route to servername.company.local' and resolves to the IP on our local network (10.x.x.x).  Lately though, we come in in the morning and find the connection from the webserver into the db server is not working.  A 'tracert servername' results in 'tracing route to servername.company.local' and some public IP address (69.46.x.x) that it starts searching for on the Internet.  That ip address resolves to some company I never heard of.  Running ipconfig /flushdns and ipconfig /registerdns fixes the issue and the tracert once again resolves to our internal network ip address.
Where and why is the web server picking up the invalid ip address?  How do I stop this from happening?
1 Solution
Hi, I'm not sure why that is happening, but one solution would be to use the HOSTS file on the web server instead of DNS to make sure the web server always resolves the name of the database server to the correct address.  The file is usually located in: c:\WINDOWS\system32\drivers\etc.

 It looks like your internal DNS is having problem. Check the IP address associated with the A record. If it's wrong, update with the correct IP.

si-supportAuthor Commented:
Neither of these did the trick.  We ended up scheduling a task to periodically run the ipconfig commands and that has taken care of the problem.
Closed, 500 points refunded.
Community Support Moderator

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now