The .SE Registry has created a solution that stores queries and answers.
QUOTE
PacketQ (replaces DNS2DB)
PacketQ is a tool for analyzing PCAP-data, it can work with any packets
but is designed primarily for DNS and ICMP-traffic. PacketQ reads,
filters and groups the packets read from the
Unfortunately not, since billing is per query based, and each zone can have
different pricing. Also, results per query are very important for analytical
purposes in order to be able to spot problems in case some of forward zones
stop working and/or provide unacceptable success rates.
Anyway, i
On Thu, Jun 23, 2011 at 10:27:31PM +0200,
Stefan Certic ste...@routotelecom.com wrote
a message of 65 lines which said:
stored into database (matching the initial query from query log).
This may help: http://www.dnsmezzo.net/
We monitor our email system and may record your emails.
Don't!
On Thu, Jun 23, 2011 at 02:31:22PM -0700,
Ray Van Dolson rvandol...@esri.com wrote
a message of 37 lines which said:
If you're handy with Python, pcapy[1]
Quite limited.
and impacket[2]
No IPv6 support. And, anyway, neither pcapy nor impacket parses the
DNS (if you read French, see
Hi,
Does anyone have an idea on the following... Apart from bind9 query log, is it
possible to log response returned to client?
Regards,
--
Stefan Certic
RoutoMessaging
48 Charlotte Street
London, W1T 2NS
United Kingdom
http://www.routomessaging.com
GSMA Associate Member
Switchboard +44 (0) 870 231
On Jun 23, 2011, at 12:16 PM, Stefan Certic wrote:
Does anyone have an idea on the following... Apart from bind9 query log, is it
possible to log response returned to client?
Sure: use tcpdump, wireshark, or another network sniffer of your choice and
observe DNS responses to the clients you're
Thanks Chuck
Yes, that would be a solution, but I need logs processed through syslog and
stored into database (matching the initial query from query log).
Parsing tcpdump is not going to be suitable for a highly loaded system. I was
more looking for a solution to log responses same way queries
On Jun 23, 2011, at 1:27 PM, Stefan Certic wrote:
Thanks Chuck
Yes, that would be a solution, but I need logs processed through syslog and
stored into database (matching the initial query from query log).
Why do you need to send this information via syslog to a database?
Parsing tcpdump
On 06/23/2011 09:27 PM, Stefan Certic wrote:
Thanks Chuck
Yes, that would be a solution, but I need logs processed through syslog and
stored into database (matching the initial query from query log).
Parsing tcpdump is not going to be suitable for a highly loaded system. I was
more looking for
On 6/23/2011 4:27 PM, Stefan Certic wrote:
Thanks Chuck
Yes, that would be a solution, but I need logs processed through syslog and
stored into database (matching the initial query from query log).
Parsing tcpdump is not going to be suitable for a highly loaded system. I was
more looking for a
It is an ENUM server, and logging is taking care of the billing process.
Flow is going something like this:
- Accept Query
- Write QueryLog through Syslog
- Syslog does an insert into database.
- Respond to query by asking forwarder or through local master zone
(Everything fine till now)
- Log response
On Thu, Jun 23, 2011 at 01:58:37PM -0700, Phil Mayers wrote:
On 06/23/2011 09:27 PM, Stefan Certic wrote:
Thanks Chuck
Yes, that would be a solution, but I need logs processed through syslog and
stored into database (matching the initial query from query log).
Parsing tcpdump is not
On Jun 23, 2011, at 2:28 PM, Stefan Certic wrote:
It is an ENUM server, and logging is taking care of the billing process.
I don't see why you need to preserve queries and responses, unless you plan to
charge differently for different DNS requests. Can't you just track traffic
per client using