This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.
Solved
Unknown Strange DNS entries related to "(same as parent folder)" domain name
Posted on 2010-09-24
Hi,
When I do a nslookup on my domain name Peknor.com it gives me 5 ip's 3 of them are my domain controllers and the other 2 are unknown address 172.23.22.0 10.95.2.0.
I don't know why would they end by 0's and I also when I look in the DNS list the host name is (same as parent folder)??
tx!
When I do a nslookup on my domain name Peknor.com it gives me 5 ip's 3 of them are my domain controllers and the other 2 are unknown address 172.23.22.0 10.95.2.0.
I don't know why would they end by 0's and I also when I look in the DNS list the host name is (same as parent folder)??
tx!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
2-
2
- +1
7 Comments
Delete them and see if they come back :)
If they do, one of your DCs is likely to be registering them, which would lead onto checking your DCs to see if they have any adapters configured with those addresses.
Chris
Hi Chris-Dent,
I'm not too hot about the technique of deleting something just to see the result especially on a production DC :)
One of them is 10.95.2.0 which is our ip phone Vlan which I don't see why it would be listed there and not any other vlans. The other one are a subnet of one of our entities which we have a permanent vpn tunnel with them but here again why would our other permanent vpn tunnels not be listed there if this one is.
I'm not too hot about the technique of deleting something just to see the result especially on a production DC :)
One of them is 10.95.2.0 which is our ip phone Vlan which I don't see why it would be listed there and not any other vlans. The other one are a subnet of one of our entities which we have a permanent vpn tunnel with them but here again why would our other permanent vpn tunnels not be listed there if this one is.
Those entries are used for DFS and Group Policy application. The only records listed should be the IP addresses of your DCs.
Network addresses for VLANs have no reason to be there and should be removed.
Chris
Active today
I concur with Chris; those extraneous records should be deleted. "(Same as parent folder)" host records refer to the domain itself rather than a specific host name within the domain. In an AD domain, only your domain controllers' IP addresses should be listed in those records, or you may experience problems with authentication, replication, etc.
Featured Post
Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource.
Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month10 days, 6 hours left to enroll
718 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.