Hi,
We have a sinlge forest/domain. 2 dcs at data centre. DNS in AD-integrated
and all dcs are gcs. The primary dc dns is configured to provide the dns
service for internet users through the firewall (allowing protocol-
udp/domain). Everything is working fine. No other errors. But we keep getting
the below information events in the DNS event logs.
Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 5/15/2008
Time: 8:05:54 AM
User: N/A
Computer: HODC1
Description:
The DNS server encountered an invalid domain name in a packet from
63.209.3.132. The packet will be rejected. The event data contains the DNS
packet.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7d b5 84 00 01 00 06 00 }µ?.....
0008: 00 00 00 00 06 74 6f 67 .....tog
0010: 67 6c 65 03 77 77 77 02 gle.www.
0018: 6d 73 06 61 6b 61 64 6e ms.akadn
0020: 73 03 6e 65 74 00 00 1c s.net...
0028: 00 01 c0 0c 00 05 00 01 ..Û.....
0030: 00 00 01 2c 00 04 01 67 ...,...g
0038: c0 13 c0 36 00 05 00 01 Û.Û6....
0040: 00 00 01 2c 00 06 03 6c ...,...l
0048: 62 31 c0 13 c0 46 00 01 b1Û.ÛF..
0050: 00 01 00 00 01 2c 00 04 .....,..
0058: cf 2e 13 fe c0 46 00 01 د..â€ÛF..
0060: 00 01 00 00 01 2c 00 04 .....,..
0068: cf 2e c0 fe c0 46 00 01 د.Ûâ€ÛF..
0070: 00 01 00 00 01 2c 00 04 .....,..
0078: cf 2e 13 be c0 46 00 01 د..¾ÛF..
##################################################
Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 5/14/2008
Time: 3:57:59 PM
User: N/A
Computer: HODC1
Description:
The DNS server encountered an invalid domain name in a packet from
208.44.108.137. The packet will be rejected. The event data contains the DNS
packet.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: d7 7b 84 00 01 00 02 00 ×{?.....
0008: 00 00 00 00 0c 6c 6f 67 .....log
0010: 69 6e 2d 67 6c 6f 62 61 in-globa
0018: 6c 06 79 61 68 6f 6f 38 l.yahoo8
0020: 06 61 6b 61 64 6e 73 03 .akadns.
0028: 6e 65 74 00 00 1c 00 01 net.....
0030: c0 0c 00 05 00 01 00 00 Û.......
0038: 01 2c 00 0e 05 6c 6f 67 .,...log
0040: 69 6e 05 79 61 68 6f 6f in.yahoo
0048: c0 20 c0 3c 00 01 00 01 Û Û<....
0050: 00 00 00 3c 00 04 45 93 ...<..E?
0058: 70 a0 p
#############################
Please guide, what are these event logs ?
Thanks in advance,
abc.
Bookmarks