[dns-operations] PCAP based detector of malicious DNS traffic

Jaap Akkerhuis jaap at NLnetLabs.nl
Fri Jun 27 09:27:27 UTC 2014

    On Fri, Jun 27, 2014 at 10:40:13AM +0200, sthaug at nethelp.no wrote:
    > > The output of the tool is, like Nick's work, a list of domain names and
    > > additionally the set of IP addresses sending traffic to those domains.
    > Is dnsscope available for other OSes, e.g. FreeBSD?
    Yes, you can compile it from our tarballs, the latest of which contains
    the --servfail-tree work can be found on:
    We don't have FreeBSD binaries because we tend to see little demand for
    them, sorry.
This might be a chicken/egg problem. If people want, I'm happy to create a
FreeBSD port/Package when I have some time to life.


More information about the dns-operations mailing list