• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

2k server generating some weird traffic

Hey all, I'm a student at a University and they are giving a software package to all students. This package contains an upgrade version of 2k server so I installed it and started messing around with it. I noticed that it's been generating lots of traffic to the following IPs: 192.5.6.30 and 192.175.48.1. I'm sure it's generating this traffic for a reason, does anyone know why? The above two IPs resolve to the following addresses.

192.5.6.30 = a.gtld-servers.net
192.175.48.1 = prisoner.iana.org
 
No, I'm pretty sure I'm not hacked, I am behind a decent linux firewall. I think the above has something to do with win2k DNS as all the traffic generated on the above IPs is on port 53 (DNS). Is there a setting that I can enable within win2k DNS that will disable this traffic?
 
Looks like you installed the dns server and have it set to do lookups against the root servers. Disable the DNS server or configure it to use forwarders to your local DNS if you want to kill this traffic.
Bill
 
The second IP is the address for prisoner.iana.org. This is the primary DNS server that holds the zones for the three unroutable IP ranges (10.in-addr.arpa, 16.172.in-addr.arpa, and 168.192.in-addr.arpa).

So if your machine has an address in one of these ranges, it will try to register a PTR record with a DNS server. If you don't have a local DNS server with one of those zones, it will try to register with prisoner.iana.org, which will reject it.

This isnt anything to worry about.

Also, I believe the first IP is a DNS root server.
 
Back
Top