Capture DNS requests?

Comments

9 comments

  • Avatar
    rotblitz

    As you may know, DNS queries do not contain URL information and are different from web surfing, because DNS queries are raised by any networking application, not just browsers, and they are cached locally, so are often not raised repeatedly. So, OpenDNS can just log domain names, not any other objects or information.

    If this information is sufficient, then OpenDNS is the way to go. You start here: https://store.opendns.com/start/

    If you need other and more detailed information, e.g. about every URL, keywords being used, etc. then they had to go for local measures, e.g. installing a sniffer or logging software or using the router's logging capabilities.

    0
    Comment actions Permalink
  • Avatar
    chacham2

    I think just the websites being visited would be fine. Obviously, a DNS request is sent to resolve the ip of the requested address, hence a DNS solutions sounds pretty simple to me. As i don't usually do this sort of thing, i want to hear what others have to say; and maybe learn a thing or two. Do you think i am missing anything?

    There seems to be different options here. Which option would help them, that is, a pay option or not, and how would they see a list of requests afterwards?

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "I think just the websites being visited would be fine."

    This is not what happens.  DNS is not about websites being visited.  You'll find a lot of things like dns.msftncsi.com, time.windows.com, ads2.contentabc.com, _sip._udp.sip.simply-connect.de, liveupdate.symantecliveupdate.com, 3.bp.blogspot.com, download.windowsupdate.com and much more where no user ever has visited this site.  As I said, allmost all network applications raise DNS queries the whole day, on all devices, even the router itself does it.

    "Do you think i am missing anything?

    Who knows...

    "There seems to be different options here."

    OpenDNS Home Basic (free), OpenDNS Home VIP (paid) and Premium DNS (free, no content filtering) are what you are looking for.  These three come with stats and logs, but the free versions stores them for 14 days only (vs 1 year for VIP), and you must visit the stats at least once every 14 days with the free versions, else they stop collecting stats until you visit the stats again.

    0
    Comment actions Permalink
  • Avatar
    chacham2

    Ah, you are trying to make clear to me that many apps use DNS requests, and if i wanted a list of websites visited, i would have no way of filtering the request made specifically by a browser... I think tnat would be okay here, because they want to see if anything inappropriate sticks out. Yeah, it may be some work, but it's a good place to start.

    Excellent links on the reports. Thanx!

    Where can i find a comparison of the three services?

     

     

    0
    Comment actions Permalink
  • Avatar
    chacham2

    I see the three services listed here: http://www.opendns.com/home-internet-security/parental-controls/opendns-home/

    A comparison table would be a lot nicer. The $20 for the year sounds quite reasonable though.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "Where can i find a comparison of the three services?"

    Strangely, there isn't a feature comparison chart anymore I knew of.

    But see e.g. https://support.opendns.com/entries/21915245-What-is-OpenDNS-VIP-

    Premium DNS is like Home Basic, but has no configurable content filtering and black/whitelisting of domains.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "I see the three services listed here"

    I should mention that FamilyShield doesn't come with stats and logs.  And Premium DNS isn't listed there, but at http://www.opendns.com/home-internet-security/premium-dns/

    Simply start with Home Basic and see if it fits your needs.  You may upgrade to VIP later if you are fully convinced.

    0
    Comment actions Permalink
  • Avatar
    chacham2

    Well, it's not for me, it is for them. From the links you posted (thanx! again!) i see the difference is minimal. The longer retention is nice, but not required.

    The product page lists "OpenDNS Home VIP gives you detailed charts about websites being visited on your home network. See your top websites and be notified of problematic ones." That might be helpful to them. Plus the support, as they are not technical people.

    All this is for a recommendation. I plan to pass on as much (relevant) information as i gather.

    0
    Comment actions Permalink

Please sign in to leave a comment.