Too Much DNS Traffic / Analysis
Gregory Sutter
gsutter at zer0.org
Wed Nov 5 17:59:05 PST 2003
On 2003-11-03 18:54 -0800, "Jason C. Wells" <jcw at highperformance.net> wrote:
>
> In 'ipfw show' I can see that 528 packets came in on smtp. 20 packets
> came in on http. Something like 40,000 packets came in on DNS in one day.
> This seems to be way too much DNS traffic for the little bit of use my
> network sees.

Packets is not that useful a measure of figuring out where DNS traffic
originates. Have you enabled query logging to see what is causing all
the traffic?

I cleaned up a shell script I wrote to make a simple query analysis
and put it up on <http://zer0.org/bsd/>. Perhaps this would be of
assistance in finding the source of your DNS traffic.

Greg
--
Gregory S. Sutter My reality check just bounced.
mailto:gsutter at zer0.org
http://zer0.org/~gsutter/
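
An added example, not the script from zer0.org and not part of the original message: once query logging is enabled, a tally per client and per queried name shows where the DNS load comes from. It assumes BIND 9 style query log lines; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: tally a BIND 9 style query log by client and by name/type.
# Assumed line shape: "... client [@0x...] <addr>#<port> ...: query: <name> <class> <type> ..."

# Constructed sample lines (documentation addresses, not real traffic).
sample_log() {
cat <<'EOF'
05-Nov-2003 17:00:01.101 client 192.0.2.10#1034: query: www.example.org IN A
05-Nov-2003 17:00:01.350 client 192.0.2.10#1035: query: www.example.org IN A
05-Nov-2003 17:00:02.007 client 198.51.100.7#4021: query: mail.example.org IN MX
05-Nov-2003 17:00:02.410 client 192.0.2.10#1036: query: WWW.example.org IN A
05-Nov-2003 17:00:03.000 client 192.0.2.25#2200: update 'example.org/IN' denied
05-Nov-2003 17:00:03.512 client @0x7f00 198.51.100.7#4022 (example.org): query: example.org IN ANY +
05-Nov-2003 17:00:04.120 client 192.0.2.25#2201: query: www.example.org IN AAAA
05-Nov-2003 17:00:04.800 client 192.0.2.10#1037: query: www.example.org IN A
EOF
}

# Print "<count> <client address>", busiest client first.
queries_by_client() {
    awk '/ query: / {
        for (i = 1; i < NF; i++) if ($i == "client") {
            j = i + 1
            if ($j ~ /^@0x/) j++             # newer BIND logs a pointer field first
            addr = $j; sub(/#.*/, "", addr)  # drop "#port" and anything after it
            count[addr]++; break
        }
    }
    END { for (a in count) print count[a], a }' | LC_ALL=C sort -k1,1nr -k2,2
}

# Print "<count> <name> <type>", most requested first; names are case-folded.
queries_by_name() {
    awk '/ query: / {
        for (i = 1; i <= NF - 3; i++) if ($i == "query:") {
            count[tolower($(i + 1)) " " $(i + 3)]++; break
        }
    }
    END { for (k in count) print count[k], k }' | LC_ALL=C sort -k1,1nr -k2
}

# Demo on the constructed sample; for a real log, pipe the log file in instead.
sample_log | queries_by_client
sample_log | queries_by_name
```

A single client or a single name dominating either list is the usual starting point for finding a misconfigured resolver, a looping mailer, or a host that is being used by others.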