[dns-operations] Does anybody have a good list of capture filters for DNS traffic - details in email
Joe Abley
jabley at hopcount.ca
Wed Jul 2 14:05:40 UTC 2014
On 2 July 2014 at 9:59:29, Stefan (netfortius at gmail.com) wrote:
> Does anybody have a good set of tcpdump/tshark capture filters, associated
> with DNS, already prep-ed for specific fields in the payload (so beyond
> just the simplistic udp 53 or tcp 53)?
This doesn't sound like exactly what you were looking at, but it might give you some ideas.
http://svsf40.icann.org/de/meetings/siliconvallye2011/presentation-dns-tcpdump-knight-13mar11-en.pdf
Joe
More information about the dns-operations
mailing list