With some of the servers I maintain, prisoner.iana.org shows up as a DNS entry in the system logs. Because of the name, it “looks” suspicious. It is nothing to worry about: there are no hackers, and something isn’t wrong with your system.

IANA was the name of the organization that was responsible for handing out IP address blocks back in the day.

There was a need for a placeholder zone for the three blocks of non-routable addresses, so IANA setup three DNS servers: blackhole-1.iana.org, blackhole-2.iana.org and prisoner.iana.org.

If a system with the address range: 192.168.XXX.XXX tries to register its PTR record without a local DNS server, it will try to register with prisoner.iana.org. Obviously prisoner.iana.org will reject the request. Hence the many instances of this address in the DNS logs / Event Viewer.

Related posts:

1. SPF Records for Windows Email Servers
2. Email Address Specifications
3. Host Headers vs. Spam and How-to Setup on IIS6 and IIS7

|  Print This Post |