[Snort-users] DNS Query Logging?

Steve Frank sfrank at ...2014...
Thu May 10 17:22:05 EDT 2001


Isn't that logged in most default DNS installations anyway?  My NSTATS are
configured to pop into my syslog all the time--you should be able to see all
your query types there--or are you looking for something more specific than
that, Jeff?

Steve Frank
Network Manager
Midcom, Inc.


-----Original Message-----
From: Richard, Jeff [mailto:Jeff-Richard at ...562...]
Sent: Thursday, May 10, 2001 3:48 PM
To: 'snort-users at lists.sourceforge.net'
Subject: [Snort-users] DNS Query Logging?


I hope someone can give a hand on this.  I need to get a count of how many
DNS queries my DNS servers are receiving.  What should a rule for DNS
queries look like?  I'm not failure with DNS traffic, but realize that UDP
53, is the protocol/port, just not sure of any signature(s).

-Jeff

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list