Hi Tim,

I recommend Bro for logging DNS queries/responses and ELSA for slicing and dicing those Bro logs. You can have both Bro and ELSA up and running in about 10 minutes with Security Onion:
http://securityonion.blogspot.com/2013/01/dns-visibility-with-security-onion-1204.html

Hope that helps!

Thanks,
Doug

On Sun, May 26, 2013 at 9:53 PM, Tim Parker <[email protected]> wrote:
> What's the best way to capture and analyze DNS queries and responses on my
> LAN? Are there any good tools out there for this? I can run a full capture
> on the WAN interface, but then what's good for automating the extraction of
> the DNS traffic?
>
> Thanks!
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

--
Doug Burks
http://securityonion.blogspot.com
