blob: a34f6b94a840ec8b0d669eac516172d90e109ce5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
dnstop is a libpcap application (ala tcpdump) that displays various
tables of DNS traffic on your network. Currently dnstop displays
tables of:
* Source IP addresses
* Destination IP addresses
* Query types
* Response codes
* Opcodes
* Top level domains
* Second level domains
* Third level domains
* etc...
dnstop supports both IPv4 and IPv6 addresses.
To help find especially undesirable DNS queries, dnstop provides
a number of filters. The filters tell dnstop to display only the
following types of queries:
* For unknown/invalid TLDs
* A queries where the query name is already an IP address
* PTR queries for RFC1918 address space
dnstop can either read packets from the live capture device, or from a
tcpdump savefile.
--
Unless modified, this script compiles with PPP frame support.
|
