Like so many other businesses, my employer has been hammered by by sobig and blaster. All the admins have been busy kicking the infected off the network and making sure everyone has the latest patches.
And IT is run by very pro MS people. Our local admin doesn't like it, but almost of the servers are MS crap including DNS and DHCP (which is what this piece is all about.)
So Friday, our admin sent out a list of computer names and corrasponding IP addresses that weren't patched. And the name of my windows machine was on the list! I went "What?! I double checked my patches earlier and all was in order!". Then I noticed the IP address by my computer name. My machine hadn't had that IP address is ages.
Most computers get their IP addresses from DHCP and DNS is supposed to be updated with the DHCP lease. But DNS reverse lookups at work have been, and continue to be total garbage. Forward DNS will point to the correct machines, but reverse DNS points to some random machine that had the IP address god only knows how long ago. (As an example, my only windows machine gets its address through DHCP, but has had the same address for months. Reverse lookup yields the name of someone elses computer. And reverse lookup of that IP yields another bogus entry and so on.)
So, now our poor admin has to track things down using physical ports. Windows is certainly keeping all of the admins in this company busy.
Dave "LordBeatnik"