cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Strange DNS queries searching for aatp.dns.detection.local being made from MSDI sensors on DCs

tonywvincent
Copper Contributor

‎May 07 2024 08:55 AM

‎May 07 2024 08:55 AM

Strange DNS queries searching for aatp.dns.detection.local being made from MSDI sensors on DCs

We have noticed that DNS queries for aatp.dns.detection.local are coming from MSDI sensors on some of our DCs. The strange thing is that the queries are going to DNS servers that are not configured anywhere on the DC or elsewhere. The DNS servers that the queries are directed to are going to be switched off in the near future - will this cause an issue for MSDI detections?

233 Views
0 Likes
1 Reply
Reply
1 Reply
Eli Ofek

‎May 07 2024 02:44 PM

‎May 07 2024 02:44 PM

Re: Strange DNS queries searching for aatp.dns.detection.local being made from MSDI sensors on DCs

@tonywvincent this us by design.

Thise server most likely issued axfr to ine if the sensor machines. In reponse the sensor tries to do various tests to learn if this is a real dns server... One the machine is gone it wont try to conect it any more, so no issues.

0 Likes
Reply