Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows Server 2003Windows 2000Windows NTSmall Business ServerVirtual ServerExchange ServerIISHost Integration ServerISA ServerSMSWSUSMOMWindows Media ServerSecurityCertification
Related Topics
SQL ServerMS WindowsMS OfficePC HardwareMore Topics ...
Windows Server Forum / Windows 2000 / DNS / June 2007

Tip: Looking for answers? Try searching our database.

Who is requesting DNS lookups from my Windows 2003 dns server

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Mik - 01 Jun 2007 04:48 GMT
I have a firewall logger program that show me traffic coming in and
out of our network.  It currently shows high / evenly distributed
levels of traffic dns traffic originating from my Windows 2003 AD /
active directory DNS server.  I would like to know which of my clients
is making the requests to my AD server.  Does anyone know how to get
this info.

My DNS server is currently configed for Root hints.

thanks

Mik
Reply to this Message
Kevin D. Goodknecht Sr. [MVP] - 01 Jun 2007 22:44 GMT
Read inline please.

In news:1180642306.315429.192820@i38g2000prf.googlegroups.com,
Mik <miked@onlineshoes.com> typed:
> I have a firewall logger program that show me traffic coming in and
> out of our network.  It currently shows high / evenly distributed
> levels of traffic dns traffic originating from my Windows 2003 AD /
> active directory DNS server.  I would like to know which of my clients
> is making the requests to my AD server.  Does anyone know how to get
> this info.

I'm not sure what you are really asking, but if your clients are configured
properly, they should all be requesting DNS from the DC if it has DNS
installed.

> My DNS server is currently configed for Root hints.

Also, not sure how this relates to your question.

Signature

Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Reply to this Message
Mik - 02 Jun 2007 06:26 GMT
On Jun 1, 2:44 pm, "Kevin D. Goodknecht Sr. [MVP]"
<a...@nospam.WFTX.US> wrote:
> Read inline please.
>
[quoted text clipped - 31 lines]
> with OEBackup:http://www.oehelp.com/OEBackup/Default.aspx
> ===================================

Sorry for not asking the question properly...

I need to find a log (or enable logging) on my Windows 2003 Active
Directory integrated DNS server - to find out which client (ip
address) is requesting what name lookup.  I know that these clients
requesting dns info from my DNS server are MY clients - because their
conifgured with a DHCP scope listing my internal DNS server.
Ultimetly I'm trying to identify what my firewall logging program is
seeing.... Its seeing a lot of DNS iterative or recursive queries
coming from my DNS server (which are requests from my clients) I want
to know which of my clients are doing the requesting and for what
associated FQDNs.

thanks again for any help on this!

Mik
Reply to this Message
Ace Fekay [MVP] - 08 Jun 2007 03:59 GMT
> Sorry for not asking the question properly...
>
[quoted text clipped - 12 lines]
>
> Mik

Sounds like you'll need a packet sniffer to find this info. If you want to
keep track of what sites and traffic your users are up to, as well as
control such traffic, I would suggest installing ISA, Websense, Barracuda,
or any other number of proxy applicance out there that will log all traffic
and can work with AD authentication to allow traffic. Big Brother...

Signature

Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
o easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain

Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.