From: thebluefox on
Greetings,

I have recently had an issue with the dns address on a windows xp
professional workstation... some background.

I have a windows domain environment, with sbs server 2003 R2 and 20 XP
pro workstations.

My work stations point to the server for DNS in the network settings
tcp/ip dialog box. My ip's are all static, as well as the gateway.

A recent virus/malware renamed the dns address to some address in
russia. how can I lockdown the dns settings so that no program,
malware, etc. can make changes to it. I assume something at the server
level in group policy can handle this, but need some help in getting
there. Anything is greatly appreciated. Thanks.


-thebluefox
From: Shenan Stanley on
thebluefox wrote:
> I have recently had an issue with the dns address on a windows xp
> professional workstation... some background.
>
> I have a windows domain environment, with sbs server 2003 R2 and 20
> XP pro workstations.
>
> My work stations point to the server for DNS in the network settings
> tcp/ip dialog box. My ip's are all static, as well as the gateway.
>
> A recent virus/malware renamed the dns address to some address in
> russia. how can I lockdown the dns settings so that no program,
> malware, etc. can make changes to it. I assume something at the
> server level in group policy can handle this, but need some help in
> getting there. Anything is greatly appreciated. Thanks.


Since the user who got infested had to have administrative rights in order
to make such changes - your answer is that you cannot. Take away
administrative rights and do not use the computer daily with such rights.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


From: VanguardLH on
thebluefox wrote:

> Greetings,
>
> I have recently had an issue with the dns address on a windows xp
> professional workstation... some background.
>
> I have a windows domain environment, with sbs server 2003 R2 and 20 XP
> pro workstations.
>
> My work stations point to the server for DNS in the network settings
> tcp/ip dialog box. My ip's are all static, as well as the gateway.
>
> A recent virus/malware renamed the dns address to some address in
> russia. how can I lockdown the dns settings so that no program,
> malware, etc. can make changes to it. I assume something at the server
> level in group policy can handle this, but need some help in getting
> there. Anything is greatly appreciated. Thanks.
>
> -thebluefox

See replies to your same MULTI-posted message in the other newsgroups
(and now you get to try to figure out where you multi-posted whereas if
you had cross-posted then you wouldn't have to go check the other
newsgroups).
From: Sy Kosis on

:
: See replies to your same MULTI-posted message in the other newsgroups
: (and now you get to try to figure out where you multi-posted whereas if
: you had cross-posted then you wouldn't have to go check the other
: newsgroups).

More of your pretentious condescension.


From: Twayne on
In news:i0asj0$fei$1(a)news.eternal-september.org,
Sy Kosis <sy(a)kosis.invalid> typed:
>> See replies to your same MULTI-posted message in the other
>> newsgroups (and now you get to try to figure out where you
>> multi-posted whereas if you had cross-posted then you
>> wouldn't have to go check the other newsgroups).
>
> More of your pretentious condescension.

That advice is dead-on correct.

--
--
http://www.blakjak.demon.co.uk/mul_crss.htm




--
--
http://en.wikipedia.org/wiki/Cross_posting
and
http://en.wikipedia.org/wiki/Crossposting