summaryrefslogtreecommitdiff
path: root/network/dnstop/README
diff options
context:
space:
mode:
Diffstat (limited to 'network/dnstop/README')
-rw-r--r--network/dnstop/README26
1 files changed, 26 insertions, 0 deletions
diff --git a/network/dnstop/README b/network/dnstop/README
new file mode 100644
index 0000000000..4465add979
--- /dev/null
+++ b/network/dnstop/README
@@ -0,0 +1,26 @@
+dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of:
+
+ * Source IP addresses
+ * Destination IP addresses
+ * Query types
+ * Response codes
+ * Opcodes
+ * Top level domains
+ * Second level domains
+ * Third level domains
+ * etc...
+
+dnstop supports both IPv4 and IPv6 addresses.
+
+To help find especially undesirable DNS queries, dnstop provides a number of filters. The filters tell dnstop to display only the following types of queries:
+
+ * For unknown/invalid TLDs
+ * A queries where the query name is already an IP address
+ * PTR queries for RFC1918 address space
+
+dnstop can either read packets from the live capture device, or from a tcpdump savefile.
+
+--
+Unless modified, this script compiles with PPP frame support.
+
+Homepage: http://dns.measurement-factory.com/tools/dnstop/
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-23 11:01:40 +0000