Sunday, July 5, 2009

Analysing your DNS Traffic with dnstop

dnstop uses the pcap library to filter all the DNS queries on a computer network and display them on a terminal

Firstly install from repository
# apt-get install dnstop
# dnstop -l 3

Once you are inside the dnstop, you can use the following sort-cut
  • @ - Display the source of the query, domain target, volume and percentage of DNS Traffic
  • # - Similar to @ but with third level domain name

For more information, see the Dnstop project site

No comments: