[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-chat
Subject:    Re: Too Much DNS Traffic / Analysis
From:       Gregory Sutter <gsutter () zer0 ! org>
Date:       2003-11-06 1:59:03
[Download RAW message or body]


On 2003-11-03 18:54 -0800, "Jason C. Wells" <jcw@highperformance.net> wrote:
> 
> In 'ipfw show' I can see that 528 packets came in on smtp.  20 packets
> came in on http.  Something like 40,000 packets came in on DNS in one day.
> This seems to be way too much DNS traffic for the little bit of use my
> network sees.

Packets is not that useful a measure of figuring out where DNS traffic
originates.  Have you enabled query logging to see what is causing all
the traffic?

I cleaned up a shell script I wrote to make a simple query analysis
and put it up on <http://zer0.org/bsd/>.  Perhaps this would be of
assistance in finding the source of your DNS traffic.

Greg
-- 
Gregory S. Sutter                     My reality check just bounced.
mailto:gsutter@zer0.org 
http://zer0.org/~gsutter/ 

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]