Add timestamps to the logging
Completed
Add timestamps to the logging of domain requests.
-
"I am looking for a system that records timestamps on the logs"
http://www.nirsoft.net/utils/dns_query_sniffer.html (DNS traffic)
http://www.pyrenean.com/Filtering (DNS traffic)
http://fiddler2.com/ (web traffic)
Enough now?
-
No, these are to install on a computer and capture traffic only from there. Only your router would be able to capture all traffic of your network.
If your (unspecified) router can't do this, then
- you may see if it can be flashed with an alternative firmware that is able to do this traffic capturing, or
- you may use another (or existing) computer, installing a proxy server (or the 1st or 3rd program from above) on it, and put it between the router and the rest of the devices in the network. You enable logging on this server to capture what you want.
There's nothing simple, because what you're requesting is not simple.
-
Take a look at www.oynayun.com
-
MAC addresses could not be captured from the DNS query. However, the name/IP of the server that processed the DNS query could be displayed along with the timestamps. Point half your hosts at one of the OpenDNS servers, and point the other half at the "other" OpenDNS server. Between the timestamps and the server, users would have a better chance of identifying the origin of interesting traffic.
-
"However, the name/IP of the server that processed the DNS query could be displayed along with the timestamps."
Not possible either. OpenDNS just sees your one public IP address from your DNS queries, no matter what LAN device is raising a DNS query. Internal names and IP addresses are and stay internal, fortunately.
-
Robitz, read my post again. I am not looking for the address of the requestor (your PC) but of the OpenDNS SERVER that handled the request. There are 2. Granted, it's not much but if a customer has to narrow down the source of interesting traffic, they can configure the suspect hosts to use one or the other of the 2 OpenDNS servers. Paired with a timestamp it could help decide which device made the interesting request.
Post is closed for comments.