Hey,
As stated in the question, I have a DNS server (that is also a DC) that is constently sending dns requests to a few non existent IPs.
I noticed it first by seeing said traffic getting dropped by the firewalls clean-up rule.
The server sends the packets from the source port 1032 to the destination port 53.
It appears to be sending the packets at random times, however it does send a group of them at around the same minute.
I believe it most likley to be a misconfiguration.
Though I have absolutly no idea on how to fix it or whats the causing configuration, I'm pretty sure that its the 'dns.exe' process that is responsible for the traffic.
The OS is Microsoft Windows Server 2003, Enterprise Edition
Version 5.2.3790 SP 1
If i'm asking in the wrong place, would you please direct me to where I should be?
Thanks in advance,