dnssnarf : collect DNS statistics

Here’s how to install dnssnarf on ubuntu 13.04.

about dnssnarf

https://github.com/Cysource/DNSsnarf

# tail -1 /etc/lsb-release DISTRIB_DESCRIPTION="Ubuntu 13.04" # uname -ri 3.8.0-19-generic x86_64

install dnssnarf via git.

# git clone https://github.com/Cysource/DNSsnarf.git Cloning into 'DNSsnarf'... # cd DNSsnarf/ # make # make install # ls /usr/bin/dnssnarf* /usr/bin/dnssnarf  /usr/bin/dnssnarfclient

start dnssnarf daemon.

# /usr/bin/dnssnarf --help /usr/bin/dnssnarf: invalid option -- '-' Usage: /usr/bin/dnssnarf [options] Available Options:  -f : Foreground mode  -i : Device selection (-i eth9)  -s : State file location (-s /path/to/state.bin)  -p : PID file location (-p /var/run/dnssnarf.pid) # /usr/bin/dnssnarf -i eth0 # dnssnarf: started.

do some name resolution.

# dig @<etg0’s IP> foo.bar a …

get DNS statistics.

# /usr/bin/dnssnarfclient Usage   : /usr/bin/dnssnarfclient <options> Options : -r RECORDTYPE          -q Count of incoming packets          -a Count of outgoing packets          -t Combined count # /usr/bin/dnssnarfclient -r A -q 26 # /usr/bin/dnssnarfclient -r A -a 43 # /usr/bin/dnssnarfclient -r A -t 69

# /usr/bin/dnssnarfclient -r AAAA -q 6 # /usr/bin/dnssnarfclient -r MX -q 4 # /usr/bin/dnssnarfclient -r TXT -q 4 # /usr/bin/dnssnarfclient -r PTR -q 8 # /usr/bin/dnssnarfclient -r A -q 5e7 # python Python 2.7.4 (default, Apr 19 2013, 18:28:01) [GCC 4.7.3] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> 0x5e7 1511 >>>