Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/measurement-factory/dnstop
Stay on top of your DNS traffic
https://github.com/measurement-factory/dnstop
Last synced: 2 months ago
JSON representation
Stay on top of your DNS traffic
- Host: GitHub
- URL: https://github.com/measurement-factory/dnstop
- Owner: measurement-factory
- License: bsd-3-clause
- Created: 2018-02-26T20:48:50.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2024-08-20T19:31:07.000Z (5 months ago)
- Last Synced: 2024-08-20T21:38:02.661Z (5 months ago)
- Language: C
- Size: 350 KB
- Stars: 92
- Watchers: 9
- Forks: 15
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGES
- License: LICENSE
Awesome Lists containing this project
- awesome-cli-tui-software - measurement-factory/dnstop - Stay on top of your DNS traffic (<a name="dns"></a>dns)
README
# DNSTOP: STAY ON TOP OF YOUR DNS TRAFFIC
_dnstop_ is a libpcap application (like tcpdump) that displays various
tables of DNS traffic on your network. Currently _dnstop_ displays
tables of:
- Source IP addresses
- Destination IP addresses
- Query types
- Response codes
- Opcodes
- Top level domains
- Second level domains
- Third level domains
- etc...
_dnstop_ supports both IPv4 and IPv6 addresses.
To help find especially undesirable DNS queries, _dnstop_ provides a number of filters. The filters tell _dnstop_ to display only the following types of queries:
- For unknown/invalid TLDs
- A queries where the query name is already an IP address
- PTR queries for RFC1918 address space
- Responses with code REFUSED
- Responses with code SERVFAIL
- Responses with code NXDOMAIN
_dnstop_ can either read packets from the live capture device, or from a tcpdump savefile.
See also http://dns.measurement-factory.com/tools/dnstop/.
For compatibility with [musl libc](https://musl.libc.org/), define `CFLAGS=-D_GNU_SOURCE` during `configure`.