Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The DNS server encountered an invalid DNS update message from <ip address>. The packet was rejected.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of a DNS server?
This event will be triggered if the "name checking" property is set to Strict-RFC and the client's name is something other than letters, numbers, and the minus sign (-). The underscore is NOT a valid character when using Strict RFC. "Name Checking" is a property of the DNS server and is located on the advanced tab. Clients include W2K, XP, and Win9x. DHCP can also trigger this event if it is registering the name on behalf of the client.
As per Microsoft: "This issue can occur if you are using a computer that is running Windows 95, Windows 98, or Windows 98 Second Edition, and the computer name includes special characters, such as a number sign (#), an ampersand (@), or a dollar sign ($). You can use the characters in computer names when you use Windows 95 and Windows 98, but Windows 2000 DNS only supports the en dash character (-) and the underscore character (_), by default. If your computer name includes a different special character, the DNS server rejects the name registration in DNS". See ME288176 for more details.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated