On Fri, Jul 04, 2014 at 06:00:48PM +0700, Roland Dobbins <[email protected]> wrote a message of 23 lines which said:
> I know that some DNS operators disable logging of queries/responses > due to the overhead of doing so Logging in the name server itself is typically very slow, take resources and, more seriously, add a new feature (which means new bugs and new security issues) to a critical software. So, indeed, it should not be done. > and/or logging queries/responses out-of-band via packet-capture > taps, databases, etc.? Following OARC workshops, it seems many operators of authoritative name servers log everything, with capture taps + a NoSQL-bigdata-thing. There are also captures of traffic at recursors, for instance Farsight' SIE, which logs the answers, and have interesting services on the top of it (such as DNSDB). _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
