Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 5509 Source: DNS

Source
Level
Description
The DNS server encountered an invalid DNS update message from <ip address>. The packet was rejected.
Comments
 
This event will be triggered if the "name checking" property is set to Strict-RFC and the client's name is something other than letters, numbers, and the minus sign (-). The underscore is NOT a valid character when using Strict RFC. "Name Checking" is a property of the DNS server and is located on the advanced tab. Clients include W2K, XP, and Win9x. DHCP can also trigger this event if it is registering the name on behalf of the client.
As per Microsoft: "This issue can occur if you are using a computer that is running Windows 95, Windows 98, or Windows 98 Second Edition, and the computer name includes special characters, such as a number sign (#), an ampersand (@), or a dollar sign ($). You can use the characters in computer names when you use Windows 95 and Windows 98, but Windows 2000 DNS only supports the en dash character (-) and the underscore character (_), by default. If your computer name includes a different special character, the DNS server rejects the name registration in DNS". See ME288176 for more details.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...