• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1410
  • Last Modified:

Windows 2008 DNS Server Error 5504

Hello,
On my 2008 windows server standard r2 i am getting this erro 5504 being logged several times per day. This is the only domain controller and dns server in the domain. The server is not set up for any forwarders and just uses the root hints.

I have seen several articles saying could be firewall, you should set the forwarder to your isp. But none of these people seem so definte in their answer so i will try this.

Here is one of the errors.

The DNS server encountered an invalid domain name in a packet from 144.160.20.46. The packet will be rejected. The event data contains the DNS packet.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
valmatic
Asked:
valmatic
  • 7
  • 2
  • 2
2 Solutions
 
valmaticAuthor Commented:
i do have a fireall rule allowing any dns request from my dns server to the internet out allowed.
0
 
valmaticAuthor Commented:
anyone home
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Yep -- at home, and not at work.  Takes longer to respond at home.  ;-)

Those messages are DNS Spoofing protection messages:
http://en.wikipedia.org/wiki/DNS_cache_poisoning

Most likely the errors are being caused by other people's DNS servers which aren't configured correctly, although there is always a chance they are being generated by an intentional malicious attack against your system.  The good news is that you are receiving log messages rather than having your DNS hijacked.
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
Darius GhassemCommented:
0
 
valmaticAuthor Commented:
thanks guys let me read all these articles and ill get back to you!
0
 
valmaticAuthor Commented:
so does this mean i should set up a forward to my ISPs DNS server instead of it going straight for the root hints? What do you guys think?
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Unless there are extenuating circumstances -- yes, you should set up a forwarder to your ISPs DNS server.
0
 
valmaticAuthor Commented:
everyting works fine now i think with the one dns server and using the root hints, but it seems like these articles say i should use a isp dns server as a forwarder instead? But do you think i should not?
0
 
valmaticAuthor Commented:
also what do you think about this reg tweak that i saw when i was orignally searching for this 5504 error message?
0
 
valmaticAuthor Commented:
0
 
Darius GhassemCommented:
DNS Forwarders should be used.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 7
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now