Date: Tue, 23 Mar 1999 13:27:47 -0500 (EST)
From: Joseph Scott <joseph@randomnetworks.com>
To: "Olivas, Stacy Q" <Olivassq@nafm.misawa.af.mil>
Cc: "'FreeBSD Questions'" <freebsd-questions@FreeBSD.ORG>
Subject: Re: TCPDUMP output
Message-ID: <Pine.BSF.4.10.9903231322240.8832-100000@sonic.digital-web.net>
In-Reply-To: <55E8DFF7F828D211A46500104B226B0B0F1F30@nafm.misawa.AF.MIL>
On Tue, 23 Mar 1999, Olivas, Stacy Q wrote:

> Hello,
> I'm working on a little DNS monitoring project..
>
> I have a small caching nameserver setup that feeds machines in a subnet.
>
> To monitor where they have been, I've set up tcpdump to watch port 53 on the
> machine for all traffic (it's only used for this purpose).. Every day it
> automatically rolls the logfiles over and sends a copy to me via e-mail (the
> machine is in a secure area that I don't access on a regular basis).
>
> My question is:
>
> 1. Is there a program (preferably unix, but can be a windows based program)
> that would allow me to have the logs formatted something easier to analyze
> or

I'm not exactly sure what you are looking for as far as "easier". Do you want easier on the human? You may want to check out tcpshow, it's in the ports collection. As for something that understands dns traffic, I think ethereal does, it's an Xwindows app.

> 2. Is there a program that would allow me (short of setting up a proxy)
> monitor this sort of thing in an easier way??
>
> I was thinking about writing a custom utility to analyze this stuff, but I
> figured I might want to ask before doing so (just to save myself some
> time)..
>
> Thanks in advance.
> Stacy Olivas
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>

Joseph Scott
joseph@randomnetworks.com
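For the custom log-analysis utility the question mentions, one possible shape (an added example, not part of the original thread or written by either poster): it parses tcpdump's one-line-per-packet text output for port 53 and counts the names each client asked for. The sample lines are constructed, and the assumed input is the text output of `tcpdump -n port 53`.

```python
import re
from collections import Counter, defaultdict

# Constructed sample of `tcpdump -n port 53` text output (not from the thread).
# The first line uses the older layout without the "IP" token.
SAMPLE = """\
13:27:47.101010 10.0.0.5.1031 > 10.0.0.1.53: 4211+ A? www.freebsd.org. (33)
13:27:47.145210 IP 10.0.0.1.53 > 10.0.0.5.1031: 4211 1/2/2 A 192.0.2.10 (121)
13:28:02.000321 IP 10.0.0.5.1032 > 10.0.0.1.53: 4212+ MX? example.com. (29)
13:28:09.551200 IP 10.0.0.7.40112 > 10.0.0.1.53: 910+ [1au] A? WWW.FreeBSD.org. (44)
13:28:10.000100 IP 10.0.0.7.40113 > 10.0.0.1.53: 911+ PTR? 5.0.0.10.in-addr.arpa. (39)
13:28:11.000000 IP 10.0.0.7.40114 > 10.0.0.1.53: Flags [S], seq 1, win 512, length 0
"""

# timestamp [IP] src.port > dst.53: id[flags] [options] QTYPE? qname. (len)
QUERY_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?:IP6?\s+)?"
    r"(?P<src>\S+)\.(?P<sport>\d+)\s+>\s+(?P<dst>\S+)\.53:\s+"
    r"(?P<id>\d+)(?P<flags>[+%*-]*)\s+(?:\[[^\]]*\]\s+)?"
    r"(?P<qtype>[A-Za-z0-9]+)\?\s+(?P<qname>\S+)"
)

def parse_queries(text):
    """Yield (timestamp, client, qtype, qname) per DNS query line; skip everything else."""
    for line in text.splitlines():
        m = QUERY_RE.match(line)
        if m:
            # DNS names are case-insensitive: lowercase and drop the root dot
            # so that WWW.FreeBSD.org. and www.freebsd.org. count as one name.
            qname = m.group("qname").rstrip(".").lower()
            yield m.group("ts"), m.group("src"), m.group("qtype").upper(), qname

def summarize(text):
    """Return {client_ip: Counter({(qtype, qname): hits})}."""
    per_client = defaultdict(Counter)
    for _ts, client, qtype, qname in parse_queries(text):
        per_client[client][(qtype, qname)] += 1
    return per_client

def report(text):
    """Render the per-client summary as plain text suitable for a daily e-mail."""
    lines = []
    for client, counts in sorted(summarize(text).items()):
        lines.append(client)
        for (qtype, qname), hits in counts.most_common():
            lines.append(f"  {hits:4d}  {qtype:<5} {qname}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(SAMPLE))
```

Responses from the nameserver and non-DNS TCP packets on port 53 do not match the pattern and are ignored, so only what the clients asked for is counted.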
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9903231322240.8832-100000>