DNS Warning Events flooding DSL Log on Server

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Can someone please help me with this?
A little while ago we i started receiving this error in the DNS log on the
PDC. All the addresses that are showing up are root server addresses. What
could be causing these events?

Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 10/05/2005
Time: 1:03:06 PM
User: N/A
Computer:<server name>
Description:
The DNS server encountered an invalid domain name in a packet from
128.63.2.53. The packet is rejected.
 
I also started seeing these recently. Lasted for a few days, and then just
automagically stopped, without any intervention, just a couple of reboots.
I'm still concerned about the cause of this, though. In addition to several
versions of the 5504, I also get the 5501 and 5509. See text of these
events below.

5501:
The DNS server encountered a bad packet from 199.7.67.1. Packet processing
leads beyond packet length. The event data contains the DNS packet.

* The IP addresses in this message vary, but are always external and
sometimes our ISP's DNS IP
** The readable sections of packet data for this and other related events
refer to various domains, such as 'toolbar.msn.com' or 'www.symantec.com' or
one of our internal IP's.

5504 (first version):
The DNS server encountered an invalid domain name in a packet from
192.168.1.53. The packet will be rejected. The event data contains the DNS
packet.

5504 (second version):
The DNS server encountered an invalid domain name in a packet from
192.168.1.10. The packet will be rejected. The event data contains the DNS
packet.

5504 (third version):
The DNS server encountered an invalid domain name in a packet from Invalid
DNS_ADDR at 02162710. The packet will be rejected. The event data contains
the DNS packet.

5504 (fourth version):
The DNS server encountered an invalid domain name in a packet from
64.81.45.2. The packet will be rejected. The event data contains the DNS
packet.

5509:
The DNS server encountered an invalid DNS update message from 192.168.1.63.
The packet was rejected. The event data contains the DNS packet.
 
Back
Top