dns question
in [Security]
|
Prev: load a program that is loaded for all users just for a single
Next: Using Control panel doesn't remove Ad-Aware
From: thebluefox on 26 Jun 2010 11:40 Greetings, I have recently had an issue with the dns address on a windows xp professional workstation... some background. I have a windows domain environment, with sbs server 2003 R2 and 20 XP pro workstations. My work stations point to the server for DNS in the network settings tcp/ip dialog box. My ip's are all static, as well as the gateway. A recent virus/malware renamed the dns address to some address in russia. how can I lockdown the dns settings so that no program, malware, etc. can make changes to it. I assume something at the server level in group policy can handle this, but need some help in getting there. Anything is greatly appreciated. Thanks. -thebluefox
From: Shenan Stanley on 26 Jun 2010 11:52 thebluefox wrote: > I have recently had an issue with the dns address on a windows xp > professional workstation... some background. > > I have a windows domain environment, with sbs server 2003 R2 and 20 > XP pro workstations. > > My work stations point to the server for DNS in the network settings > tcp/ip dialog box. My ip's are all static, as well as the gateway. > > A recent virus/malware renamed the dns address to some address in > russia. how can I lockdown the dns settings so that no program, > malware, etc. can make changes to it. I assume something at the > server level in group policy can handle this, but need some help in > getting there. Anything is greatly appreciated. Thanks. Since the user who got infested had to have administrative rights in order to make such changes - your answer is that you cannot. Take away administrative rights and do not use the computer daily with such rights. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html
From: VanguardLH on 26 Jun 2010 17:26 thebluefox wrote: > Greetings, > > I have recently had an issue with the dns address on a windows xp > professional workstation... some background. > > I have a windows domain environment, with sbs server 2003 R2 and 20 XP > pro workstations. > > My work stations point to the server for DNS in the network settings > tcp/ip dialog box. My ip's are all static, as well as the gateway. > > A recent virus/malware renamed the dns address to some address in > russia. how can I lockdown the dns settings so that no program, > malware, etc. can make changes to it. I assume something at the server > level in group policy can handle this, but need some help in getting > there. Anything is greatly appreciated. Thanks. > > -thebluefox See replies to your same MULTI-posted message in the other newsgroups (and now you get to try to figure out where you multi-posted whereas if you had cross-posted then you wouldn't have to go check the other newsgroups).
From: Sy Kosis on 28 Jun 2010 15:18 : : See replies to your same MULTI-posted message in the other newsgroups : (and now you get to try to figure out where you multi-posted whereas if : you had cross-posted then you wouldn't have to go check the other : newsgroups). More of your pretentious condescension.
From: Twayne on 29 Jun 2010 14:06
In news:i0asj0$fei$1(a)news.eternal-september.org, Sy Kosis <sy(a)kosis.invalid> typed: >> See replies to your same MULTI-posted message in the other >> newsgroups (and now you get to try to figure out where you >> multi-posted whereas if you had cross-posted then you >> wouldn't have to go check the other newsgroups). > > More of your pretentious condescension. That advice is dead-on correct. -- -- http://www.blakjak.demon.co.uk/mul_crss.htm -- -- http://en.wikipedia.org/wiki/Cross_posting and http://en.wikipedia.org/wiki/Crossposting |