Ask the Expert

Black hole server attempting to force DNS record

I keep getting an attempt on my Windows 2003 Server from prisoner.iana.org that is attempting to force a DNS record on my server. How can I block this IP to make sure that they don't find a workaround to actually force my DNS server to accept it? So far (probably due to an error in my DNS) he has been unsuccessful.

    Requires Free Membership to View

prisoner.iana.org is what is called a black hole server. The IANA provides the servers to respond to reverse inquiries (looking for a name from an IP address instead of the other way around) for IP address ranges that should never make it onto the Internet. The following ranges are reserved for internal use only by anyone. They should never be routed onto the Internet.
 10.0.0.0 - 10.255.255.255 

 172.16.0.0 - 172.31.255.255 

 192.168.0.0 - 192.168.255.255
However some systems may do a reverse lookup on such IP addresses. In these cases the information has the potential for being queried on the Internet. If you are using one of these IP address ranges internally in your organization, you should make sure that you have configured the reverse lookup zones that correspond to the private IP address scheme that you are using.

For more information on the use of black hole servers take a look at:
http://www.iana.org/faqs/abuse-faq.htm#FAQonBlackholeServers
Paul

Additional Expert Help:
Be sure to check our Answer FAQ for more expert advice.
For faster answers, visit ITKnowledge Exchange.

This was first published in December 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: