dns question

Greetings,

I have recently had an issue with the dns address on a windows xp
professional workstation... some background.

I have a windows domain environment, with sbs server 2003 R2 and 20 XP
pro workstations.

My work stations point to the server for DNS in the network settings
tcp/ip dialog box. My ip's are all static, as well as the gateway.

A recent virus/malware renamed the dns address to some address in
russia. how can I lockdown the dns settings so that no program,
malware, etc. can make changes to it. I assume something at the server
level in group policy can handle this, but need some help in getting
there. Anything is greatly appreciated. Thanks.


-thebluefox

thebluefox wrote:
I have recently had an issue with the dns address on a windows xp
professional workstation... some background.

I have a windows domain environment, with sbs server 2003 R2 and 20
XP pro workstations.

My work stations point to the server for DNS in the network settings
tcp/ip dialog box. My ip's are all static, as well as the gateway.

A recent virus/malware renamed the dns address to some address in
russia. how can I lockdown the dns settings so that no program,
malware, etc. can make changes to it. I assume something at the
server level in group policy can handle this, but need some help in
getting there. Anything is greatly appreciated. Thanks.


Since the user who got infested had to have administrative rights in order
to make such changes - your answer is that you cannot. Take away
administrative rights and do not use the computer daily with such rights.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

thebluefox wrote:

Greetings,

I have recently had an issue with the dns address on a windows xp
professional workstation... some background.

I have a windows domain environment, with sbs server 2003 R2 and 20 XP
pro workstations.

My work stations point to the server for DNS in the network settings
tcp/ip dialog box. My ip's are all static, as well as the gateway.

A recent virus/malware renamed the dns address to some address in
russia. how can I lockdown the dns settings so that no program,
malware, etc. can make changes to it. I assume something at the server
level in group policy can handle this, but need some help in getting
there. Anything is greatly appreciated. Thanks.

-thebluefox

See replies to your same MULTI-posted message in the other newsgroups
(and now you get to try to figure out where you multi-posted whereas if
you had cross-posted then you wouldn't have to go check the other
newsgroups).

:
: See replies to your same MULTI-posted message in the other newsgroups
: (and now you get to try to figure out where you multi-posted whereas if
: you had cross-posted then you wouldn't have to go check the other
: newsgroups).

More of your pretentious condescension.

In ,
Sy Kosis typed:
See replies to your same MULTI-posted message in the other
newsgroups (and now you get to try to figure out where you
multi-posted whereas if you had cross-posted then you
wouldn't have to go check the other newsgroups).

More of your pretentious condescension.

That advice is dead-on correct.

--
--
http://www.blakjak.demon.co.uk/mul_crss.htm




--
--
http://en.wikipedia.org/wiki/Cross_posting
and
http://en.wikipedia.org/wiki/Crossposting