• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1201
  • Last Modified:

Large amount of DNS event 5501 in event logs

I've got a 2000 Domain controller with a lot of 5501 events happening. The bad packets are coming from a particular IP, based in Austria.
I realise that the event is just informational, but I'm concerend that this one IP is maliciously sending malformed packets, and it's slowing down my DSN server.
Can anyone give me a good way to deal with it?
  • 2
2 Solutions
Christopher MartinezCommented:
Do you have a ACL/IPSec setup? If so i would make sure that this IP is filtered to ignore all request.

If you would lik emore info on doing this i suggest this article
Good luck!
If the packets are all coming from one IP outside your network, and you have no idea what that IP is or why it would be sending those packets, you should consider blocking it at your firewall.  You should also consider upgrading that DC, as Windows 2000 reached end-of-life in July, so MS will no longer provide support for it.

lineonecorpAuthor Commented:
I will read the article and get back to you.
lineonecorpAuthor Commented:
Thanks for the suggestions
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now