would like to know / track who is using my DNS...
Windows Server Forum Index Windows Server
Server discussion on Windows platform.
 
 FAQFAQ   MemberlistMemberlist     RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Google
 
Web winserverhelp.com
would like to know / track who is using my DNS...

 
Post new topic   Reply to topic    Windows Server Forum Index -> DNS
Author Message
Mike
Guest
Posted: Fri Jan 14, 2005 5:19 am    Post subject: would like to know / track who is using my DNS... Reply with quote
I am currently using Microsoft Active DNS and was wondering if there is
a way to track -
1) Who is using my DNS (host name / IP Address of requestor)
2) What names are they looking up
- at what time did the lookup occur

Does such a log exist in/on MS DNS?
Is there a third party product that will do this?
Thanks so much.

Mike
Back to top
Kevin D. Goodknecht Sr. [
Guest
Posted: Fri Jan 14, 2005 6:04 am    Post subject: Re: would like to know / track who is using my DNS... Reply with quote
In news:1105658372.189845.273640@z14g2000cwz.googlegroups.com,
Mike <mdunne@bcc.ctc.edu> commented
Then Kevin replied below:
Quote:
I am currently using Microsoft Active DNS and was
wondering if there is a way to track -
1) Who is using my DNS (host name / IP Address of
requestor) 2) What names are they looking up
- at what time did the lookup occur

Does such a log exist in/on MS DNS?
Is there a third party product that will do this?
Thanks so much.

Mike

One particular tool? not that I know of, at least one that logs all you
want. You can enable Advanced logging (Advanced tab) in combination with the
port reporter tool, that logs TCP and UDP connections.
That said, DNS is usually a read only service sending out packets of less
than 512 bytes, some packets are larger but that's another story. Anyway the
point is enabling Advanced logging is intended for short term
diagnostistics, using advanced logging can cause the DNS service to log 7020
events and time out because DNS can easily have hundreds if not thousands of
querys per minute and it takes considrable CPU resources to write a log.
This is addition to the port reporter that logs UDP/TCP connections.
It could easily take a pretty mean machine just to write the logs you want
for this one service.

Availability and description of the Port Reporter tool
http://support.microsoft.com/default.aspx?scid=kb;en-us;837243

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Back to top
 
Post new topic   Reply to topic    Windows Server Forum Index -> DNS All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




New Topics Powered by phpBB