*** alpha release, ui sucks ***


dns-monitor is a framework for mining interesting data out of DNS for fun, profit, research, or unhealthy curiosity.


Currently the only way to get the code is to download it from GitHub. Stay tuned, that will change.


New Release!


This release includes a large number of features over previous revisions.

  • Web Utilities Added
    • Search
    • Fake Reverse
    • New and Popular Questions
  • List tracking is started
  • Can run w/o a database and log key=value to syslog
  • packet::logger is now packet::store, packet::logger implements syslog capabilities

posted by blhotsky

New Release : Adds DB Maintenance


This release includes a maintenance hook in the sniffer to age older records out of the packet_query and packet_response tables. These tables can become quite large very quickly. The idea is that the analysis plugins will use these tables to do their analysis, the results of which will be condensed and more easily stored. The default is to keep the full DNS packet data for 8 days; this is configurable via the 'keep_for' option to the packet::logger plugin in dns_monitor.yml.

posted by blhotsky

New site up and running


First alpha release tagged as v0.1 on GitHub. This release relies heavily on PostgreSQL. The schema has been fairly well tested, though there are issues with indexes and archiving records that need to be fixed in a future release.

posted by blhotsky