PaulDotCom mailing list archives
Re: DNS Query capture and analysis
From: xgermx <xgermx () gmail com>
Date: Mon, 27 May 2013 11:06:18 -0500
If you can obtain a full capture on the WAN interface, you could use a Wireshark CaptureFilter to show only the traffic useful to you ('port 53' for example). Alternatively, you could setup a transparent proxy (Squid probably) to get the MiTM point of view or, depending on your intentions, something like FakeNet might even be helpful.
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- DNS Query capture and analysis Tim Parker (May 27)
- Re: DNS Query capture and analysis Carlos Perez (May 27)
- Re: DNS Query capture and analysis Doug Burks (May 27)
- Re: DNS Query capture and analysis xgermx (May 27)
- Re: DNS Query capture and analysis craig bowser (May 27)
- Re: DNS Query capture and analysis Robin Wood (May 27)
- Re: DNS Query capture and analysis Harri Sylvander (May 27)
- Re: DNS Query capture and analysis John Bond (May 27)
- Re: DNS Query capture and analysis Ryan B (May 27)
- Re: DNS Query capture and analysis Frank McClain (May 28)
- Re: DNS Query capture and analysis Tim Parker (May 28)
- Re: DNS Query capture and analysis Jon Molesa (May 29)
- Re: DNS Query capture and analysis Ryan B (May 27)
- Re: DNS Query capture and analysis Jon Molesa (May 28)
- Re: DNS Query capture and analysis allison nixon (May 29)
(Thread continues...)