Any dns trace analysis tools?
Sebastian Castro Avila
secastro at nic.cl
Sun May 22 05:01:11 UTC 2005
Han Dianfei wrote:
> Hi,
>
> Sorry that this is a little bit off the topic.
>
> Is there any tools that can analyze dns traces(libpcap format)?
> Currently, I'm looking for a tool that can do some in-depth analysis
> such as finding out repeated queries, invalid TLDs, bogus A queries, etc.
>
I don't know any, but using some perl and some useful modules
(Net::Pcap, NetPacket::Ethernet, NetPacket::IP, NetPacket::UDP,
Net::DNS::*) I've wrote a program to analyze the traffic of my servers.
Having that, you could make any specific check you'd like.
I hope it helps.
> Any help would be appreciated.
>
> Thanks in advance!
>
More information about the bind-users
mailing list