PaulDotCom mailing list archives

Re: DNS Query capture and analysis

From: Carlos Perez <carlos_perez () darkoperator com>
Date: Mon, 27 May 2013 12:00:47 -0400

Have you own DNS Server, have it assigned thru DHCP and enable full logging on it would be the simplest way, the other 
would be a tap with a packet capture with filters for 53 UDP and 53 TCP.  
On May 26, 2013, at 9:53 PM, Tim Parker <timparkersec () gmail com> wrote:

What's the best way to capture and analyze DNS queries and responses on my LAN?  Are there any good tools out there 
for this?  I can run a full capture on the WAN interface, but then what's good for automating the extraction of the 
DNS traffic?

Thanks! 
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

DNS Query capture and analysis Tim Parker (May 27)
- Re: DNS Query capture and analysis Carlos Perez (May 27)
- Re: DNS Query capture and analysis Doug Burks (May 27)
- Re: DNS Query capture and analysis xgermx (May 27)
- Re: DNS Query capture and analysis craig bowser (May 27)
- Re: DNS Query capture and analysis Robin Wood (May 27)
- Re: DNS Query capture and analysis Harri Sylvander (May 27)
- Re: DNS Query capture and analysis John Bond (May 27)
  - Re: DNS Query capture and analysis Ryan B (May 27)
    - Re: DNS Query capture and analysis Frank McClain (May 28)
    - Re: DNS Query capture and analysis Tim Parker (May 28)
  - Re: DNS Query capture and analysis Jon Molesa (May 29)

(Thread continues...)