blob: 4465add979b92ba063b722ec5472725e45d5cfa4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of:
* Source IP addresses
* Destination IP addresses
* Query types
* Response codes
* Opcodes
* Top level domains
* Second level domains
* Third level domains
* etc...
dnstop supports both IPv4 and IPv6 addresses.
To help find especially undesirable DNS queries, dnstop provides a number of filters. The filters tell dnstop to display only the following types of queries:
* For unknown/invalid TLDs
* A queries where the query name is already an IP address
* PTR queries for RFC1918 address space
dnstop can either read packets from the live capture device, or from a tcpdump savefile.
--
Unless modified, this script compiles with PPP frame support.
Homepage: http://dns.measurement-factory.com/tools/dnstop/
|