DNSTop: Difference between revisions

From Wiki
 
Latest revision as of 19:42, 9 January 2022

DNSTop is a libpcap application (like tcpdump) that displays various tables of the DNS traffic on your network. Currently, dnstop displays tables of:

Source IP addresses
Destination IP addresses
Query types
Response codes
Opcodes
Top level domains
Second level domains
Third level domains
etc.

DNSTop supports both IPv4 and IPv6 addresses.

To make it easier to find unwanted DNS queries, dnstop provides several filters. A filter tells dnstop to display only the following types of queries:

For unknown/invalid TLDs
A queries where the query name is already an IP address
PTR queries for RFC1918 address space
Responses with code REFUSED
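
The filter categories above, approximated as an added Python example (not dnstop's own code and not part of the original page): it classifies constructed DNS message records under the filter names that dnstop's usage text lists. The record layout, the small TLD set and the function names are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Assumption: small stand-in for a real list of valid TLDs.
KNOWN_TLDS = {"com", "net", "org", "id", "arpa"}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_ip(text, parser=ipaddress.ip_address):
    """Parsed address, or None if text is not an IP literal."""
    try:
        return parser(text)
    except ValueError:
        return None

def matched_filters(msg):
    """Filter names matched by one message (dict: qname, qtype, optional rcode)."""
    name = msg["qname"].rstrip(".").lower()
    labels = name.split(".")
    hits = set()
    if labels[-1] not in KNOWN_TLDS:
        hits.add("unknown-tlds")
    if msg["qtype"] == "A" and parse_ip(name) is not None:
        hits.add("A-for-A")
    # A full IPv4 reverse name is four octet labels followed by in-addr.arpa.
    if msg["qtype"] == "PTR" and labels[4:] == ["in-addr", "arpa"]:
        ip = parse_ip(".".join(reversed(labels[:4])), ipaddress.IPv4Address)
        if ip is not None and any(ip in net for net in RFC1918):
            hits.add("rfc1918-ptr")
    if msg["qtype"] == "ANY":
        hits.add("qtype-any")
    if msg.get("rcode") == "REFUSED":
        hits.add("refused")
    return hits

def filter_table(msgs):
    """Count of messages matching each filter name."""
    return Counter(f for m in msgs for f in matched_filters(m))

# Constructed sample messages, not captured traffic.
SAMPLE = [
    {"qname": "www.example.com.", "qtype": "A"},
    {"qname": "192.168.1.10", "qtype": "A"},
    {"qname": "10.1.168.192.in-addr.arpa.", "qtype": "PTR"},
    {"qname": "8.8.8.8.in-addr.arpa.", "qtype": "PTR"},
    {"qname": "printer.localdomain.", "qtype": "A"},
    {"qname": "mail.example.com.", "qtype": "ANY"},
    {"qname": "zone.example.org.", "qtype": "A", "rcode": "REFUSED"},
]
```

In this sketch a name that is an IP literal matches both A-for-A and unknown-tlds, because its last label is a number rather than a known TLD.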

DNSTop can read packets from a live capture device or from a tcpdump savefile.

Install DNSTOP

sudo apt-get install dnstop

DNSTOP Syntax

usage: dnstop [opts] netdevice|savefile
	-4	Count IPv4 packets
	-6	Count IPv6 packets
	-Q	Count queries
	-R	Count responses
	-a	Anonymize IP Addrs
	-b expr	BPF program code
	-i addr	Ignore this source IP address
	-n name	Count only messages in this domain
	-p	Don't put interface in promiscuous mode
	-P	Print "progress" messages in non-interactive mode
	-r	Redraw interval, in seconds
	-l N	Enable domain stats up to N components
	-X	Don't tabulate the "source + query name" stats
	-f	filter-name

Available filters:
	unknown-tlds
	A-for-A
	rfc1918-ptr
	refused
	qtype-any


For example, with -l 2, dnstop keeps two tables: one of top-level domain names and one of second-level domain names. Adding levels gives more detailed data, but also requires more memory and CPU.

Example

dnstop eth0
  • Output
Sample result
