summaryrefslogtreecommitdiff
path: root/network/dnstop/README
diff options
context:
space:
mode:
authorMenno Duursma <druiloor@zonnet.nl>2010-05-11 20:01:31 +0200
committerMichiel van Wessem <michiel@slackbuilds.org>2010-05-11 20:01:31 +0200
commit270a3d6ee526f5ba415493abbdc23aa87ac16585 (patch)
tree4e19876940dca92cae47f1bbedf0de717861eeae /network/dnstop/README
parentc5b8f0a5d9694132063cc3ea5a407a2fe65ba10c (diff)
downloadslackbuilds-270a3d6ee526f5ba415493abbdc23aa87ac16585.tar.gz
network/dnstop: Added to 12.0 repository
Diffstat (limited to 'network/dnstop/README')
-rw-r--r--network/dnstop/README26
1 files changed, 26 insertions, 0 deletions
diff --git a/network/dnstop/README b/network/dnstop/README
new file mode 100644
index 0000000000..4465add979
--- /dev/null
+++ b/network/dnstop/README
@@ -0,0 +1,26 @@
+dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of:
+
+ * Source IP addresses
+ * Destination IP addresses
+ * Query types
+ * Response codes
+ * Opcodes
+ * Top level domains
+ * Second level domains
+ * Third level domains
+ * etc...
+
+dnstop supports both IPv4 and IPv6 addresses.
+
+To help find especially undesirable DNS queries, dnstop provides a number of filters. The filters tell dnstop to display only the following types of queries:
+
+ * For unknown/invalid TLDs
+ * A queries where the query name is already an IP address
+ * PTR queries for RFC1918 address space
+
+dnstop can either read packets from the live capture device, or from a tcpdump savefile.
+
+--
+Unless modified, this script compiles with PPP frame support.
+
+Homepage: http://dns.measurement-factory.com/tools/dnstop/